Posted on 
May 16, 2024

Introducing Freshpaint HIPAA-Compliant Maps: Help Patients Find You Without Violating Privacy

A quick note before you read: On June 20, 2024, a federal judge vacated a narrow part of the OCR web tracker guidance that an individual’s IP address combined with a visit to a public healthcare website triggered a HIPAA violation. However, the rest of OCR’s web tracking tech guidance remains intact. To keep track of the latest updates, head over to the Freshpaint healthcare privacy hub.

Geography's impact on healthcare can't be ignored. Patients want to easily find care near them. If healthcare organizations make it easy for patients to find care close to their homes through frictionless digital experiences, more patients will book appointments.

Take the example of a healthcare organization in the Southeastern United States. This organization revamped its digital experience with a "Healthcare Near Me" campaign to help patients easily find nearby services.

A big component of that digital experience overhaul was the use of embedded maps on their website. The team at this healthcare organization understood how important geography was for their patients. They learned through research that if patients can easily find providers near them, they would be more likely to get the quality care they need. 

When this organization completed their overhaul, they saw their conversion rates increase by nearly 60% overnight. 

A big component of that overhaul was the use of embedded maps. Embedded maps make finding locations and scheduling appointments frictionless. However, they also pose major privacy problems. 

For example, Google Maps needs to know your IP address before it can show you a map—it’s just a function of how the tool operates. That’s fine when you’re shopping for shoes, but when you’re looking for medical services, it’s one step away from a HIPAA violation.

Therein lies the paradox: Healthcare providers need maps to provide a frictionless digital experience, but the technology that makes those maps useful can get you in hot water with regulators.

At Freshpaint, we’re committed to helping healthcare organizations build frictionless digital experiences, while still protecting patient privacy. That’s why we’re announcing our newest product in our Healthcare Privacy Platform: Freshpaint Maps. Freshpaint Maps utilizes our BAA-supported platform to enable healthcare providers to fully replace Google Maps. This solution retains all the essential features of Google Maps while ensuring the protection of patients' health information.

Keep reading to learn more about the threats traditional maps pose to healthcare providers and how Freshpaint Maps mitigates them.

Why Do Maps Pose Problems for Healthcare Providers?

Let’s start with a quick Computer Science 101 lesson on how embedded maps work. When you embed a third-party mapping tool (such as Google Maps) on your website, it requires sharing a visitor's IP address (your approximate location) with the map’s servers. That might sound malicious, but it’s just how the internet works.

When you’re a healthcare provider, that embedded map doesn’t just collect a visitor’s IP address—it collects protected health information (PHI) too.

Let’s say you’re an oncology clinic. If someone is on your site looking at locations for oncology treatment in their area, that implies they may be seeking treatment and therefore infers private health information about that visitor.

This isn’t like an informational page on your website where the visitor might just be someone researching a medical condition for their mother. There’s clear intent on a page with an embedded map to find treatment.

A map that doesn’t know what the visitor is looking for (or where they’re located) would be useless. That leaves you with one potential workaround: Obtain a Business Associate Agreement (BAA). This is a legally binding relationship between HIPAA-covered organizations and business associates that ensures PHI security and HIPAA compliance.

In a perfect world, Google Maps would sign a BAA so you could use their technology without worrying about compromising anyone’s privacy. But Google won't sign BAAs because that would require them to curb their data collection practices—and that’s something Google definitely doesn't want to signal to the market (or regulators). 

Healthcare marketers shouldn’t have to choose between privacy and accessibility—that’s where Freshpaint Maps comes in.

How Freshpaint Maps Solves the Privacy Problem

Freshpaint Maps is a Google Maps replacement that gives you the features and flexibility you need to elevate your website’s user experience—all while staying HIPAA-compliant. Let’s take a look at four key features of Freshpaint Maps.

BAA-Supported

Freshpaint Maps is hosted on Freshpaint’s BAA-supported Healthcare Privacy Platform. This ensures Freshpaint can safely collect PHI without violating privacy regulations.

Translation: Website visitors get the experience they want, and you don’t have to worry about HIPAA violations.

Pannable, Zoomable Embedded Maps

Just like Google Maps, users can pan and zoom on Freshpaint Maps to familiarize themselves with your locations, and the surrounding area, to better plan their visits.

Interactive Maps With Locations

Within Freshpaint Maps, users can click on your marked locations to discover all of the care options that are accessible to them.

Built-In Search Functionality 

Let website visitors search for your nearest location based on their address, zip code, or city.

Customizable Styles

Freshpaint Maps includes four customizable themes that you can tailor to your website’s aesthetic. This ensures you don’t have to choose between form and function.

Ready to Make Your Maps HIPAA-Compliant?

Using maps across your healthcare website undoubtedly delights users and improves accessibility, but you can’t compromise privacy along the way. 

That doesn’t mean you need to remove the legacy maps from your site—it just means you need to swap them for HIPAA-compliant ones like Freshpaint.

Like it or not, your website is going up against brands like Airbnb and IKEA, which have mastered the art of UX without having to worry about HIPAA. That’s why Freshpaint Maps provides the fast, seamless experience that people today expect. 

Want to see Freshpaint Maps for yourself? Request a demo here.

Steven Fitzsimmons
Co-founder
view All Posts
Featured Posts
HIPAA COMPLIANCE
Direct Response, Remarketing, and Programmatic Advertising: The HIPAA Pitfalls You Didn't Know
HIPAA COMPLIANCE
IP Addresses and HIPAA Compliance: Unpacking the Risks for Healthcare Websites
USE CASES
Don't Remove It! Make Google Analytics HIPAA Compliant Instead
HIPAA COMPLIANCE
Staying HIPAA-Compliant: How to Detect Web Tracking Risks on Your Website
HIPAA COMPLIANCE
A Privacy-First Framework for HIPAA Compliance: Managing Third-Party Tracking on Healthcare Websites
HIPAA COMPLIANCE
Cut the Jargon: A Look at the FTC-HHS Privacy Warning and What It Means For Your Healthcare Org
USE CASES
How To Make Facebook Ads HIPAA Compliant and Still Get Conversion Tracking
USE CASES
What HHS Has to Say About Tracking Technologies in Latest HIPAA Guidance
GROWTH & STARTUPS
Two Chairs Journey to a HIPAA Compliant Growth Stack
Stay Connected
Tweet this post: 
© 2024 Perfalytics, Inc.
Crafted in San Francisco