Most industries have the benefit of being able to respond fully to negative online reviews. They can dive into the dirty details and set the record straight. Whether or not that makes good PR sense is a business decision. A restaurant can respond that a patron was rude with the staff, inebriated, and unable to control his alcohol. A hotel can respond that its guest was a slob and destroyed the room. The law has little to say about such matters.
But, a physician’s hands are tied by HIPAA and state privacy laws. Some doctors believe that since they do not accept insurance, HIPAA does not apply. But, many state laws rely on HIPAA as the guide for how to manage privacy. So, even if you do sidestep the technical requirements for HIPAA, you still are beholden to state law.
If a patient posts a negative review online and decides to disclose some or all the details of his treatment, a doctor is constrained in responding. He cannot respond online without the patient’s written authorization. And what patient would give such authorization after care has been rendered and they are unhappy?
Several doctors have asked about getting a patient’s authorization to respond publicly to a negative online review in advance of care being delivered. Wouldn’t that sidestep the problem of a patient giving authorization? Is this HIPAA safe?
I do not believe the strategy would be effective. Here’s why…
(a) If you ask for a patient’s authorization, it needs to be a standalone document and not 8 point text buried in the middle of a pile of other documents. Further, it must include mandatory HIPAA authorization language, including a statement that patient is free to withhold such authorization and it will not affect whether care is provided. This will invariably lead to questions. And how many patients will decide to go elsewhere.
(b) The patient may just post your consent language online and you will have a public relations issue.
(c) Finally, the patient is allowed, by HIPAA, to withdraw any authorization they provide to release of protected health information. So, it is possible for the patient to sign the consent, be treated, withdraw the authorization, then slam you online.
The solution to pollution is dilution. One angry voice among many happy voices is not nearly the problem most doctors think it is. Further, an occasional negative review makes the others appear more credible; more authentic. Finally, there are HIPAA compliant ways to respond to negative online reviews. Just ask us.
What do you think?
Did you enjoy this article?
Then you may enjoy our white paper, How Doctors Can Avoid 5 Marketing Landmines that Risk HIPAA & Regulatory Compliance. Maintaining compliance with HIPAA, TCPA, the FTC, and the host of other regulatory boards is complicated. An inadvertent error can result in massive fines, but there is much to be gained from a smart online strategy if you avoid the minefield of potential violations.