Few tech inventions have endured the way email has. We’ve been checking our virtual inboxes for decades, and the basic concept hasn’t really evolved—you send emails; you get emails. According to this email marketing stats infographic, 95% of online consumers use email, and 91% of them check their accounts once a day. If we surveyed those email-checkers, they’d probably tell us that the bulk of their received messages look a lot like the snail mail taking up the most space in their physical mail boxes: offers, ads, and junk. But that’s not a bad thing—not if those marketing plays work, anyway. Another stat on the email marketing stats infographic: For every $1 spent on email marketing, businesses get a $44.25 average return on investment. So, if you’re not doing it already, you should probably add email to your clinic’s marketing toolkit. For good measure, here are a few more convincing reasons:

  • It’s relatively cheap to do, with very little upfront investment. Many email marketing tools have free or low-cost plans based on the number of emails sent—and such packages are ideal for small businesses.
  • It’s easy. Most email marketing programs have turnkey templates to quickly get you started with things like newsletters.
  • It allows you to maintain relationships with patients and create brand awareness (think monthly newsletters, holiday cards, and birthday notes).

Convinced? Perfect. Now, before you get started crafting a winning email marketing strategy, it’s crucial you establish a compliant foundation. Yes, I’m talking about HIPAA. Unfortunately, that’s all it takes to cause many providers to shy away from email marketing altogether. But I just convinced you that email marketing is a great way to engage patients and drive sales. So, what to do? Well, the key to HIPAA-compliant email marketing is getting permission.

Looking for more great advice on how to market effectively—and compliantly? Download our free modern marketing e-book.

Before I launch into my HIPAA advice, allow me to issue a blanket CYA: While I’m quite experienced in researching, deciphering, and writing about HIPAA rules and regulations—as well as the associated legalese—I am not a lawyer, nor do I have any HIPAA certifications. So please, if you have specific questions about HIPAA rules, regulations, and laws, feel free to ask them in the comments section below—but be advised, I may recommend (scratch that, I am recommending) that you speak to a legal professional or certified compliance expert (like Rick Gawenda of Gawenda Seminars or Tom Ambury of the PT Compliance Group).

Furthermore, keep in mind that we’re talking about email marketing. So, leave the PHI out of it, and stick to communication that is appropriate and relevant to large groups of readers—like sharing great content that speaks to, say, a segment of patients who are runners or a segment of patients who participate in aquatic therapy. Part of that content might involve promoting your clinic’s wellness services or upcoming events. Remember, the rules for sending PHI via email are far more strict than those governing other types of patient-provider email communications. As Luxsci states:

  • Any service—as well as its associated web interface—that you use for composing, sending, monitoring, and managing these messages and their corresponding campaigns must have a signed HIPAA Business Associate Agreement with you.
  • The messages you send must be secure and encrypted in transit to every recipient.

Still, the HIPAA rules around marketing—especially since the introduction of the 2013 HIPAA omnibus ruling—are murky at best. (Luxci boils it down like this: “If [the emails] are generic marketing or informational materials that are sent out to a wide array of people...not PHI.  If they are more specific like ‘suggested rehab plans’ or ‘test results’ or ‘appointment followup surveys or information,’ then they will probably be PHI.” See what I mean about murky?) That’s why, rather than deconstruct the rules on a case-by-case basis, I recommend that you simply include a marketing communications opt-in form as part of your intake packet. That way, there’s no question as to whether you can use your patients’ email addresses for marketing purposes.

Within the form, clearly explain the types of communications you will send. If patients hesitate to opt-in, explain how those communications will benefit them. And if patients still choose not to opt in, respect that decision and don’t press the issue. After they become more comfortable with you and your practice, you could always bring it up again later. For example, if during treatment you mention a wellness event that your clinic is hosting, and the patient seems interested in attending, you could mention that you plan to send out an invitation to your email list—and ask if they’d like to opt in.

On the flipside, you are actually legally required to provide a clear avenue for your opt-ins to unsubscribe at any time. Unsubscribe links typically appear at the bottom of any marketing communications. You absolutely must—and I cannot emphasize this point enough—comply with any unsubscribe requests you receive.

In addition to an opt-in form, I recommend verifying that your email software vendor understands HIPAA and works with you to ensure compliance. Also, check out the HIPAA-compliant email marketing advice from Etna Interactive. Finally, remember that the email addresses you collect are considered PHI. Thus, you must handle them accordingly. That means no selling or disclosing them unless expressly allowed under HIPAA law.  


Now that you’re hip to HIPAA, it’s time to ignite your email marketing efforts. HIPAA requires a lot of precautions, but you shouldn’t completely shelve email out of fear. Take the necessary precautions—like you do for everything involving HIPAA—and reap the benefits of email. It’s better to be safe—and put in whatever legwork you need to make it work—than to avoid it altogether and be sorry you missed out on potential business.

Untapped Potential: The Art of Discovering and Selling Your PT Value - Regular BannerUntapped Potential: The Art of Discovering and Selling Your PT Value - Small Banner
  • Evolve 2014 San Diego Video Recap Image

    articleApr 7, 2014 | 2 min. read

    Evolve 2014 San Diego Video Recap

    We really appreciate everyone who attended our last Evolve session in San Diego. For those who missed the event or would like to relive it, we captured all of the presentations on video. So, grab some popcorn and settle in for a wealth of advice to help you improve your private practice’s bottom line.   WebPT and Culture: A Tale of Rapid Growth by Heidi and Brad Jannenga In this presentation, WebPT Co-Founders Heidi and Brad Jannenga …

  • HIPAA Rules for Marketing and Sales Image

    articleMay 20, 2014 | 5 min. read

    HIPAA Rules for Marketing and Sales

    Today’s blog post comes from compliance expert Tom Ambury of PT Compliance Group and WebPT writer Erica Cohen. Before you get too far into your plans to beef up your clinic’s sales and marketing efforts, remember that you’re a healthcare provider first, which means you’ve got some HIPAA hoops to jump through (ahem, rules to follow) that the small business owner down the street probably doesn’t have to worry about. Before we get into that, though, let’s …

  • All the Juicy Goodness, None of the Cholesterol: How Guest Blogging Impacts Your SEO Image

    articleMar 11, 2015 | 7 min. read

    All the Juicy Goodness, None of the Cholesterol: How Guest Blogging Impacts Your SEO

    Guest blogs are like eggs: they serve many purposes, they’re delicious (when done right), and the world seems to go back and forth about whether they’re actually good for you. Just last year, for example, Google honcho Matt Cutts made no attempt to sugar-coat his assessment of guest blogging’s place—or lack thereof—in the modern marketing tool box: “...stick a fork in it: guest blogging is done,” he wrote on his blog . Fast-forward to 2015, when marketing …

  • The Essential Guide to Disaster-Proofing Your PT, OT, or SLP Practice Image

    articleSep 28, 2015 | 11 min. read

    The Essential Guide to Disaster-Proofing Your PT, OT, or SLP Practice

    September is Disaster Recovery Month, which makes it a perfect time to think about disaster-proofing your practice. If you’re ready to skip this blog because you don’t think a disaster will impact your practice, consider the following factors: Not all disasters are city-wide events, and a disaster of any scale could destroy your practice. These events come in all shapes and sizes, from the sprinklers going off in your clinic and destroying your equipment, to snow storms …

  • articleAug 19, 2011 | 5 min. read

    Facebook for your Practice: How to Setup your Page and Engage Both Your Current and Potential Patients

    Facebook has become a part of over 750 million user’s daily lives. There is a pretty high chance that you have a personal account to stay in touch with your family and friends, but have you ever thought of having a Facebook page for your practice? Studies in healthcare marketing have shown that Facebook can increase revenue and loyalty . Plus, it’s a great way to connect with your current patients, referring physicians and community partners. If …

  • How to Get New Patients: Calling Dr. Google! Image

    articleAug 14, 2014 | 4 min. read

    How to Get New Patients: Calling Dr. Google!

    Brrrring! Just like that, my phone rings, and on the other end of the line is a new patient inquiring about an appointment—a new patient sent from my number-one referral source. This source requires no pandering, office lunches, or thank-you letters, and it will refer hundreds of new patients to your practice, too. Who is it? Dr. Google, of course. Dr. Google is the referral source I have to thank for the majority of new patients who …

  • The Dos and Don’ts of PPC for PT Image

    articleMar 19, 2015 | 8 min. read

    The Dos and Don’ts of PPC for PT

    It’s trackable. It’s targeted. It’s PPC! Pay-per-click is one of the most popular forms of online advertising today, which means if you haven’t given PPC a chance yet, now’s the time . Wondering how to get started? Here’s a quick primer on the basic dos and don’ts of running a PPC campaign. The Dos of Running a PPC Campaign Do Try PPC Advertising Putting real money at risk to advertise on search engines—without any guarantee of results—might …

  • How to Take Over the Internet: 5 Simple Strategies to Win More Patients Image

    webinarFeb 27, 2015

    How to Take Over the Internet: 5 Simple Strategies to Win More Patients

    Nowadays, everyone is looking for a way to “go viral” online. But with all that go-big-or-go-home hype, it’s easy to get intimidated—and that leaves many small business owners wondering if they have the time, resources, or wherewithal to even make a dent in the Internet, let alone break it.  Don’t get stuck in the muck and mire of cliché goals; you don’t have to hit a million views to make a big impact online. As a private …

  • Social Media, HIPAA, and You Image

    articleSep 11, 2014 | 5 min. read

    Social Media, HIPAA, and You

    At this point, who doesn’t use some form of social media?  I’m not very technologically savvy, but even I have social media accounts—they’re great for staying in touch with my family on the west coast. Of course, when it comes to how I use my personal account, I still must use discretion regarding what I post. For example, I have a Labrador retriever. We brought her to the beach with us for vacation, and she loves to …

Achieve greatness in practice with the ultimate EMR for PTs, OTs, and SLPs.