Data Analytics in Healthcare: Where Do We Go From Here?

HHS HIPAA-Compliant Tracking Updates

In today’s ever-evolving healthcare landscape, data analytics has become an indispensable tool for driving improvements in patient care, operational efficiency, and cost management. With the exponential growth of healthcare data and technological advancements, coupled with the increasing need to meet consumer expectations and convenience, analytics plays a pivotal role. It transforms raw data into actionable insights that empower organizations to make informed decisions and optimize operations.

In addition, the critical importance of safeguarding patient privacy and complying with regulatory requirements cannot be overstated. Recent lawsuits against hospitals and health systems are painting that picture very clearly. The revisions to the Health Insurance Portability and Accountability Act (HIPAA) guidelines underscore the need for healthcare organizations to correctly navigate data while ensuring strict adherence to privacy regulations effectively ushering in a new future for healthcare data analytics. 

In this article, we explore healthcare analytics intricacies, the impact of HIPAA guidelines, and emerging trends reshaping the healthcare landscape, highlighting the positive opportunities they offer.

Understanding Analytics in Healthcare

Healthcare analytics is the use of data to extract valuable insights needed by organizations to help measure various goals and KPIs as well as inform decisions within an organization. By leveraging analytics techniques such as predictive modeling, machine learning, and data visualization, healthcare organizations can unlock the hidden patterns and correlations within their data, leading to better understanding the ROI of their digital initiatives and products. 

From electronic health records (EHRs) and medical imaging to wearable devices and telehealth platforms, the increase of digital technologies has resulted in an unprecedented volume and variety of healthcare data and the sources they come from. This wealth of data presents both opportunities and challenges for healthcare organizations. While analytics holds the promise of revolutionizing healthcare delivery, organizations must address various barriers, including data silos, interoperability issues, and data security concerns, to fully realize its potential.

HIPAA Guidelines and Their Impact

HIPAA regulations serve as the cornerstone of patient privacy and data security in the healthcare industry. They aim to enhance the protection of patients’ protected health information (PHI). The evolving revisions introduce stricter requirements for data collection, handling, sharing, and analysis. Healthcare organizations are now tasked in new ways to ensure that their analytics practices and platforms comply with HIPAA regulations. They must safeguard patient privacy to avoid potential legal and reputational risks.

HIPAA guidelines also emphasize the importance of implementing robust security measures. These measures include encryption, access controls, and audit trails. They aim to protect sensitive healthcare data throughout its lifecycle. Furthermore, to keep all of these efforts secure, healthcare organizations should conduct comprehensive risk assessments. They should also adopt privacy-enhancing technologies to mitigate the evolving threats posed by cyberattacks and data breaches.

Examples of PII and PHI

According to the HHS, PHI is “individually identifiable health information, including demographic data.” While the guidelines can be difficult to fully interpret, there are 18 key types of data collected that would be considered PHI identifiers such as:

  • Patient names
  • IP addresses
  • Geographical elements
  • Dates related to the health or identity of individuals 
  • Email addresses
  • Social security numbers
  • Medical record numbers
  • Telephone numbers
  • Fax numbers
  • Health insurance beneficiary numbers
  • Account numbers
  • Certificate/license numbers
  • Vehicle identifiers 
  • Device attributes or serial numbers
  • Digital identifiers (websites/web pages visited, URLs, IP addresses…)
  • Biometric elements, including finger, retinal, and voiceprints
  • Photographs of a patient’s face
  • Other identifying numbers or codes

Using any combination of personal identifying information (PII) with protected health information (PHI), either explicitly or implied, a HIPAA violation could occur. An example of implied PHI would be a visit to a specific condition page on your website while an explicit example would be a form submission on your website that contains health information.  

Balancing Compliance and Innovation

Achieving the right balance between HIPAA compliance and innovation is essential for healthcare organizations. They seek to harness the transformative power of analytics. Ultimately, they aim to deliver a user experience. This experience helps achieve goals and KPIs within the organization. While compliance with regulatory requirements is non-negotiable, organizations must also embrace innovative analytics solutions. These solutions drive improvement and change in healthcare delivery and access to care. By leveraging proper data tracking and collection along with cutting-edge technologies such as artificial intelligence (AI), machine learning (ML), and natural language processing (NLP), healthcare organizations can unlock new insights from their data. This leads to more personalized care, proactive interventions, and improved outcomes for patients.

However, innovation must be accompanied by stringent data governance practices and robust security measures. These measures ensure the confidentiality, integrity, and availability of healthcare data. Healthcare organizations should prioritize investments in analytics platforms. These platforms deliver the proper data security technologies to maintain HIPAA compliance. They also foster a culture of innovation and data-driven decision-making.

Exploring Alternative Analytics Platforms

Today, analytics platforms like Google Analytics (GA4) are ill-suited for healthcare due to their inability to ensure HIPAA compliance or sign a Business Associate Agreement (BAA). As a result, healthcare organizations are turning to specialized analytics platforms tailored to their needs and regulatory requirements. 

The old method of healthcare data analytics involved having website and user data tracked in GA4 and then reporting out using that information. It was a free tool to use and generally provided the essentials more healthcare organizations needed. However, the days of “free analytics” in healthcare are over and a new dawn has been ushered in, which is one of the more sophisticated data platforms that now come with a cost.

Emerging healthcare analytics platforms such as Heap, Freshpaint, Amplitude, and Adobe Analytics are gaining traction in our space. They offer innovative features and functionalities to meet the evolving needs of healthcare organizations. From data capture and event tracking to visualization and predictive analytics, these platforms enable healthcare organizations to unlock the full potential of their data. They drive meaningful improvements in patient care and organizational performance.

Analytics Logos: Heap, Freshpaint, Amplitude, Adobe Analytics, mixpanel, PIWIK Pro, Open Web Analytics, matomo

In addition, these and many other paid platforms, will sign a BAA and pledge to keep data more secure and compliant. Using Heap as an example, the new method of data collection would involve a paid platform sitting between the website and your data warehouse and essentially “combing” the data to only send through the information you tell it to. Platforms, such as Heap, also integrate with other popular tools either via the API or built-in native integrations while still allowing you to use conversion tracking tools, such as Google Tag Manager, and visualization tools, like Tableau or Looker Studio. 

Modea’s data analytics team is happy to speak to you about your organization’s unique needs for data collection and help you implement the right solution. 

Connect with Modea about data analytics for your organization.


While the increase in the cost of analytics is inevitable, it is necessary today. It effectively changes how organizations are using data and the importance they are placing on it. By using a free tool, like GA4, it can be easy to only report on the normal baseline data that is easy to obtain and view. By leveraging paid platforms, organizations are taking a deeper look at how they can leverage these solutions more than before. They extract more impactful data that informs changes and drives future growth. 

Many leading healthcare organizations are already harnessing the power of new healthcare data analytics and seeing the rewards of their efforts. A great example is how a health system could leverage analytics to optimize its emergency department operations and reduce patient wait times. By analyzing patient flow data and identifying inefficiencies in the care delivery process, they can implement targeted interventions. These interventions can lead to significant improvements in patient satisfaction and operational efficiency.

Similarly, healthcare organizations could utilize analytics to tailor treatment plans and improve outcomes for cancer patients. By analyzing patient data and clinical outcomes, hospitals could identify personalized treatment strategies that resulted in better outcomes and improved quality of life for patients.


Healthcare analytics holds immense promise for revolutionizing healthcare delivery and improving patient outcomes. However, HIPAA regulations and data privacy requirements dictate that we do it in the right way. Organizations can now implement solutions they are comfortable with and confident will keep them compliant with data and privacy regulations, allowing them to resume tracking meaningful data. 

When we look at the power of data and the insights it can provide, the time is now for healthcare organizations to use this information in ways we may have not thought to just a few years ago. Healthcare data analytics has evolved beyond tracking visits, clicks, and conversions. Instead, it is emerging as a pivotal driver in streamlining patient access and enhancing the quality of care they receive. 

Recent HHS HIPAA-Compliant Tracking Updates

HHS HIPAA Tracking Image

HHS Updated: March 18th, 2024

The Department of Health and Human Services (HHS) has provided updated information about user tracking on websites and mobile apps. This update highlights that browsing data tied to a patient’s healthcare needs remains safeguarded under HIPAA. The updated guidance emphasizes that simply having consent banners is insufficient for compliance. HHS considers the intent of a user’s visit to determine HIPAA compliance. If the visit is related to past, present, or future healthcare needs, the data is covered. Healthcare systems will face challenges in determining individual user intent. In most cases, by default, this guidance changes nothing about the high compliance and privacy standards. These standards are applied to the digital properties of ‘covered entities’ under HIPAA.

This guidance also emphasizes that merely adding a cookie or consent banner to your website isn’t sufficient for compliance. From the guidance: “Website banners that ask users to accept or reject a website’s use of tracking technologies, such as cookies, do not constitute a valid HIPAA authorization.” The guidance reinforces that A BAA is required with a tracking vendor to collect information in a HIPAA-compliant way. 

The release provides two specific examples of actions to take when a tracking vendor refuses to sign a BAA with you:

  1. Prior to the transmission of data to the third-party tool, you must remove PHI information from the data (de-identify the data): “If there is not an applicable Privacy Rule permission or if the vendor is not a business associate of the regulated entity, then the individuals’ HIPAA-compliant authorizations are required before the PHI is disclosed to the vendor.”
  2. Or, if you wish, you may contact each individual from whom you have collected data and obtain their written consent before transmitting data to a third-party vendor.

This reaffirms HHS’s previous stance, especially significant considering the lawsuits from Texas hospitals challenging it. The first of these standards is possible with a selection of paid tools. The second of these standards will be challenging to the point of impracticality for most healthcare organizations.

Additionally, a reputable law firm offers further insights.

To access the complete release from the Department of Health and Human Services, please click here.

Connect with Modea about data analytics for your organization.

5 Reasons to Continue Investing in Patient-Facing Mobile Apps

Five reasons to continue investing in patient-facing mobile apps image

If you pull your phone out and look at some of the most frequently used apps, what do you see? Are they applications that require authentication every time you log in? Do they require you to make a phone call or not allow you to easily accomplish the task that you opened the app originally to do in the first place?  Do your favorite brands punch you out to a third-party platform with unfamiliar branding and a disconnected user experience?

Chances are, most of the mobile apps you use in your day-to-day make your life easier, not harder. Perhaps you’re using your phone to make a quick purchase with a few taps or to book your weekly workout classes. We have come to rely on our favorite apps to deliver a seamless user experience that makes it easier to accomplish our goals.  

So, why do we continue seeing this in so many healthcare systems with dated mobile apps that often produce more headaches and frustration for the user than they should? 

While we have made significant progress on the mobile app and technology front in healthcare over the last few years, there is still much work to be done. To help paint this picture of what the future looks like for mobile applications and usage in healthcare, we have put together five important statistics we think you should know. 

#1 – Investment in mobile health applications is set to more than double by 2030

In 2021, digital health apps available on app stores numbered around 350,000, with $13.4 billion invested in this growing trend. By 2030, experts predict that the same investment will more than double as the healthcare industry continues to understand increasingly how apps fit into consumers’ daily lives and make a significant impact.

#2 – 93% of healthcare professionals believe mHealth apps can improve patient outcomes

This really shouldn’t come as a surprise, with rapid adoption and increased research into the effectiveness of mobile apps. Almost every healthcare organization we speak to is looking to invest more resources into their consumer-facing mobile app(s). A significant factor in these statistics is the ability to quickly book appointments, receive alerts, reminders, and communicate seamlessly with providers.

#3 – Mobile apps are a part of everyday life

Continued growth in recent years has led to approximately 85% of adults in their 50s and 60s using smartphones. Alongside the younger generations already reliant on this technology, the aging population is adapting to using technology for improved daily experiences. This demographic increasingly relies on technology. Healthcare apps expect to play a significant role in access to care and care management for people of all age groups and demographics. With nearly two-thirds of US adults using a healthcare-related mobile app in the last 12 months, the demand is there. 

#4 – Mobile apps can help increase revenue while decreasing time spent on repetitive tasks and resources used

Healthcare organizations face rising costs of care and increasing expenses for providers and talent. This shifts the focus towards operational efficiencies, streamlined workflows, and lower costs. The goal is to continuously improve patient care amidst these challenges. One of the best ways to do that is to invest in mobile apps for your patients and consumers.

Offering an app that builds trust in your brand allows patients to schedule appointments, check results, communicate with their providers, access telehealth, request prescription refills, and more. This saves time and allows your staff to focus on other daily tasks.

#5 – Consumers want easy-to-use experiences for managing healthcare

We conducted research on mobile usage to help healthcare organizations better understand consumer needs for mobile, specifically for managing their digital healthcare. More than half of the respondents in our survey said they want to “frequently use a mobile device to manage healthcare needs.” Among this group, women were more likely to want to use a mobile device to manage care. Also, the 30 – 44 year old cohort was the most interested in mobile usage out of any other age group. To add to this, the user experience is also key to improving access to care with mobile apps. Studies show that 41% of patients say they would stop going to their current provider over a poor digital experience. 

From our work with dozens of hospitals and health systems, we understand that women aged 30 – 44 are a key demographic. However, all consumers desire easy-to-use experiences. Today’s healthcare consumers are comfortable using their phones to access and manage care, and in most cases, expect to do so.

The ongoing research and the results paint a clear picture of healthcare and mobile app usage. We have only cracked open the door. We have an exciting future ahead in delivering a better patient experience that can lead to better access to care for all demographics across the country. 

How Should Healthcare Organizations Use Generative AI?

Generative AI header image

Nearly every day, we have at least one conversation with a healthcare organization about generative AI. Some are already using generative AI tools in some fashion. But to be honest, most of them are grappling with it. 

Generative AI–meaning a tool that generates language or an image when you feed it prompts—has been around for a while. But major strides in recent years with large language models (LLMs) have made AI faster, more accessible, and more reliable (though not without issues).

So, what should your hospital or health system be thinking about with generative AI? Let’s start with what we know most are thinking about right now.

What Do Companies Think They Should Do With Generative AI?

Gartner recently polled 2,500 executives, asking them what their primary focus was for generative AI initiatives. Not surprisingly, improving customer experience was at the top of the list. LLMs have made AI-fed chat features an increasingly popular tool for engaging customers. 

Also at the top was revenue growth, no doubt because lots of businesses are now commercializing generative AI. The other big answer was around cost optimization. In other words, using the technology to increase output while spending less money. 

Does this mean hiring less people? Are we right to fear that we’ll all be replaced by machines? It’s a popular trope and a good movie plot, but the reality is that generative AI works best with human interaction and oversight, not instead of it. 

The smartest organizations are the ones who don’t just see increased productivity as the ultimate end game for AI; rather, they see its potential for unlocking innovation from their teams. Instead of asking, How can this technology help me reduce my investment in human capital?  . . . They ask, How can this technology empower my people to add value to what they’re doing?

For that, we have 3 suggestions. 

1. Normalize Using AI Tools in Your Organization

Generative AI tools have exploded in the last year. ChatGPT, developed by OpenAI, went live in November 2022. It gives a response to a text-based prompt, like “write a paragraph about avocados,” or “organize these notes” for text you paste. ChatGPT is many people’s first introduction to how powerful generative AI can be for the work they’re doing.

However, there are concerns with both ChatGPT and DALL•E (an AI model designed to generate images from textual descriptions). First, these tools can be inaccurate and biased. And second, schools and universities are having issues related to academic integrity, and industries like publishing are having issues related to copyright. In fact, a group of authors is currently using OpenAI for copyright infringement, claiming their books have been used to train ChatGPT.

These are serious issues. But there are many ways for employees to use these tools for good. So many are already using them, but hiding it. If you lead a team, one of the best things you can do is empower people to explore generative AI. Explain both the benefits and the problems, and foster a culture where you can learn together what works and what doesn’t.

Other tools that may be helpful to organizations include: 

Most of these tools have options that range from free to enterprise-wide offerings.

2. Explore Healthcare-Specific Uses of Generative AI

The big digital players–Amazon, Google, and Microsoft—are building healthcare-specific LLMs. Google has an LLM called Med-PaLM, which aims to help providers make more accurate diagnoses. A provider can input patient data and get back probable diagnoses based on a patient’s medical history.

Amazon (HealthScribe) and Microsoft (DAX Express) are tackling different areas with their products, using LLMs to help providers transcribe, extract medical terms and medications, and create summaries from interactions with patients.

If your hospital or health system isn’t exploring these technologies, you absolutely should be. These tools are a perfect example of how generative AI is best when combined with human interaction and discernment.

EPIC has already been using generative AI technology, and has expanded its partnership with Microsoft. If you’re an EPIC organization, there’s now a suite of AI tools that can help with note summarization, documentation, and coding. Ultimately, these tools can help improve patient outcomes.

3. Consider Investing in Proprietary Generative AI

Bain recently surveyed 100 health systems and asked what use cases of generative AI they were most interested in. The top answers concerned billing/collections and analyzing patient data.

To truly do these things, you need an LLM to be fed with your own data. Imagine if you could input your private, custom billing data and ask the model which account is most likely to default in 30 days? Or feed it clinical summaries and ask it to create the medical billing codes for the procedures? Or input unique symptoms from a patient and ask about all the times in the last 5 years you had patients with those unique symptoms, and what the diagnosis was?

OpenAI is offering commercial versions that allow organizations to bring their own data and use it to feed the model, creating their own proprietary application. Healthcare organizations who really want to get out in front should consider creating a proprietary instance of generative AI to serve their organization’s specific objectives. 

So What’s Next?

When it comes to digital technology, hospitals and health systems have traditionally been late adopters. After all, it feels safer to wait, to have others mitigate the risks, and then to learn from their mistakes–even if it means playing catch-up. 

But in waiting, you’re losing so much potential value. A smarter play right now is to be ahead of the curve—at least exploring the tools and possibilities, if not yet investing heavily in them.

It’s early days for generative AI and there’s still a lot to discern. So go ahead and research. Explore. Learn. But whatever you do, don’t underestimate the effect AI will have on every aspect of your business. It’s not a fad, in the same way that personal computers, mobile phones, and the internet itself aren’t fads. 

If you’re part of a digital marketing team and would like to understand more about the potential of generative AI, we’re happy to sit down and talk. We don’t have a sales pitch or a specific product to sell in this space. We just want to keep the industry moving forward, because that’s how we all win.

The Future of Health: Insights from HLTH 2023

hlth image

Earlier this month, healthcare professionals from across the globe converged in Las Vegas for the annual HLTH conference. The event highlights the conversations shaping the future of healthcare delivery, technology, and policy. Leaders across the healthcare continuum shared their challenges and insights through panels on virtual care, health equity, data integrity, and interoperability. Additionally, they discussed the patient and caregiver experience, and digital innovation. Modea sent three of our own to learn from the best and brightest minds in the industry.

As healthcare consultants, Modea attended HLTH to explore the digital healthcare landscape among 10,000+ industry peers. There was no shortage of inspiration.

We learned about new technologies that enable better virtual care, opportunities to improve interoperability and, as a result, both the patient and provider experiences, and innovative use cases of generative AI. We’re eager to bring this inspiration forward into our product development work as we partner with our clients to better serve their customers.

In this blog post, we’ll cover our top takeaways from HLTH, and we’ll summarize how you might bring these insights into your consumer-facing product development practices.

Investing in the Entire Caregiving Experience is Crucial

The caregiver experience often remains an afterthought. However, caregivers tend to carry substantial purchasing power in healthcare, and therefore, caregiver satisfaction strongly predicts loyalty. Caregivers, like patients, will switch providers based on a poor or inefficient experience – digital and otherwise.

So how can payers and providers elevate the caregiver experience? Solutions that provide consolidated, thorough family health records, centralized scheduling, care coordination, and resources to ease the complex balancing act of caregiving are table stakes. Measurement is also important. Just as health systems measure patient experience from a clinical standpoint, measuring the wraparound care experience for patients and caregivers will help identify successes and opportunities. For instance, health systems might consider facilitating surveys to better understand the caregiver experience. Monitoring call volume metrics can also be an indicator of caregiver experience; reduced calls can indicate that caregivers are able to accomplish tasks via virtual self-service. 

Another consideration here is that women are more likely than men to be their family caregivers (a statistic that was exacerbated by the COVID-19 pandemic). Furthermore, the administrative burden of caregiving falls disproportionately on women of color. As such, reducing the caregiver burden is not only important from a patient/caregiver loyalty perspective, but from an equity perspective, as well. By reducing caregiver burden for women (and women of color), health systems can enable these caregivers to have more time for work, addressing their own healthcare needs, and more.

How to Apply this to Your Product Development Work: Caregiver User Research

From research through design, development, and testing, product development for patient populations often begins with a thorough study of the patient journey. However, there’s room for improvement in understanding not only the patient or patient-family journey (in the case of children’s hospitals) but also the experience of any caregiver involved in that patient’s care, be it a parent, spouse, child, or others. By better assessing the caregiver journey—considering their challenges, desires, and experience—product teams can intentionally create products that enhance not only the patient experience but also drive efficiencies for caregivers. Prioritizing products that improve the caregiver experience contributes to ROI, enabling the provision of more care to more people.

Leveraging Tech to Strengthen Patient-Provider Relationships

Virtual care promises convenience but threatens to jeopardize the human relationships at the heart of healthcare. Still, virtual care is necessary for improving access to care. Successfully scaling virtual medicine requires technology that augments trust and rapport between patients and providers.

We learned about several technologies aiming to strengthen the patient-provider relationship, and in doing so, improve the care experience. Leveraging universal patient identifiers is an effective way for patients and providers to consolidate health records. This consolidation offers providers with a fuller context of a patient’s history, ensuring better-informed care decisions. Consider the alternative experience where a provider lacks knowledge of a patient’s health history, potentially leading to inadequate care. Additionally, AI-powered chatbots and virtual assistants play a crucial role in streamlining routine administrative tasks for care teams. By automating these tasks, these technologies free up valuable provider time, allowing them to focus on more meaningful, human-level interactions with patients.

It’s important to remember, however, that solutions must enhance, not replace, human connection. 

How to Apply this to Your Product Development Work: Keep Tracking AI Use Cases

On a recent webinar, we heard the quote, “we’re in the flip phone era of AI.” What does that mean? Consider the significant evolution of cellphones since the introduction of the innovative flip phone in 1996. We’re at the dawn of the AI innovation era, where AI will be pivotal in shaping healthcare—accelerating drug discovery and optimizing hospital operations. To stay ahead, healthcare product teams must monitor AI trends, continuously learn, and integrate AI capabilities into consumer-facing products. The value of agile development is emphasized by AI and digital trends, ensuring iterative product building that evolves with accelerating AI innovation.

Community Health and Prevention

“Health is mostly not about healthcare,” declared Dr. Larry Moss, CEO of Nemours Children’s Health. Put in other terms, health mostly happens outside of the walls of a hospital or clinic. Education, nutrition, housing, and other social determinants drive the lion’s share of health outcomes. (Addressing social determinants of health was a big theme at the ViVE conference earlier this year.)

At HLTH, there was a lot of focus on solutions that address health outside of healthcare. For instance, Instacart Health’s Food as medicine program, which will now provide access to Medicare Advantage members, as well as the broader Well at HLTH exhibit, both underscore the emphasis of nutrition – and equitable access to nutritious foods – on health outcomes. 

Digital health companies can support providers in navigating new value-based incentives. This includes offering platforms and tools like patient engagement solutions for prevention and treatment adherence. Additionally, tools that actively involve patients in their care and community-level interventions can contribute to success.

How to Apply this to Your Product Development Work: Personal and Community-Level Journeys

The tools patients use to manage their health will continue evolving, both at the personal and community level. As you shape and assess your organization’s strategies and goals for the consumer digital experience, it’s crucial to grasp the new characteristics and solutions for the patient journey. This understanding will aid in evaluating the potential impact of product development initiatives. For example, consider how patients engage with care not only within the health system and digital platforms but also beyond those boundaries. What are they facing in their community that may impact their health outcomes? Do they have access to healthy food and pharmacies? How might your digital tools help level the playing field for members of your patient population with different personal or community-level experiences? 

A Focus on Whole Person Health

Historically, care delivery has zeroed in on isolated conditions and episodes. But momentum is building around “whole person health,” which considers the complete physical, mental, and social needs of patients. Whole person health represents a societal shift as much as a clinical one as patients themselves can drive more of their care and health outcomes. 

We heard from innovators changing the face of at-home diagnostics, advancing stress and fitness tracking, and focusing on underlying, root causes of conditions. Importantly, none of these innovations can exist in a vacuum. For “whole person health” solutions to take root, they must integrate with existing care pathways, whether that means connecting to patient health records, appointment scheduling, or treatment plans.

How to Apply this to Your Product Development Work: Rethink the Meaning of Omni-Channel

Whole person health takes omni-channel patient experience one step further. Traditionally at Modea, we’ve emphasized omni-channel care for a seamless transition between digital and analog points in the care journey. To fully encompass whole person health solutions, omni-channel must also consider everything the patient does outside traditional care settings, whether virtual or analog. What is the patient managing in their own time, on their own devices? How will these personalized health solutions integrate with the products you are building for their patients? Product teams that are paying attention to the whole person will be able to better serve the needs of the whole patient

In Summary

In the case of HLTH, what happened in Las Vegas will not stay in Las Vegas. Rather, it will carry implications for years to come. Along with 10,000+ of our industry peers last week, we learned about the innovations and frictions that will shape the future of healthcare. We hope that the insights and applications we shared through this article will help inspire you to think differently about your product development processes, whether in how you study your users, how you test your products, or how you build products that will adapt and evolve with new technologies. 

Here at Modea, as consultants helping our clients shape the digital healthcare experience, we are eager to carry these learnings forward into our work. Get in touch with us if you want to learn more about how we can apply these industry trends to day-to-day product development for your organization.

Improving Staff Well-Being and Retention Through Digital Solutions

image of a digital health tool and icons that represent different functions of health services

The state of the U.S. healthcare system and the increased demand placed on employees are contributing to a high number of health workers experiencing burnout and leaving their jobs. This trend stems from increasing mental wellness challenges as health workers are put in environments that strain their emotional, psychological, and physical health on a daily basis. 

image of nurse experiencing burnout while surrounded by piles of paperwork

What exactly is “burnout” and how does it affect a hospital? 

According to the 2022 U.S. Surgeon General’s Advisory on Building a Thriving Health Workforce, burnout is characterized by a high degree of emotional exhaustion and depersonalization (feeling “out of body”), as well as a low sense of personal accomplishment at work. Burnout can also be associated with anxiety and depression, and can be caused by organizational, structural, cultural, and societal factors. 

In healthcare, burnout is exacerbated by significant factors, particularly in recent years, although these challenges have always been present to some extent. Key contributors encompass overwhelming workloads, extended shifts, administrative burdens, and a lack of organizational support.

The Bureau of Labor Statistics projects a demand for over 203,000 nursing positions annually in U.S. healthcare organizations until 2031. Additionally, there’s a predicted shortage of physicians and behavioral healthcare providers. The increasing U.S. population and aging demographics contribute significantly to the shortages in physicians and behavioral healthcare providers. A deficiency of general surgeons in rural areas compounds the issue, as specialists are frequently not geographically close to these communities, compromising the access to care for rural residents.

To tackle challenges like physician burnout and staff shortages, healthcare organizations must explore both short- and long-term solutions for sustained success. Digital tools, in particular, offer a multitude of effective solutions.

The Power of Digital Tools 

As hospitals grapple with the challenges of physician burnout, there’s an increasing demand for improved and equitable access to care for patients. Employing the right tools can streamline care management for both patients and providers.

While no singular solution can address all of healthcare’s current issues, we’ve distilled our insights into several noteworthy digital initiatives that merit discussion.

1. Interoperability Across Technology Systems 

interoperability across technology systems which helps with worker burnout

Healthcare systems are embracing innovative technologies for substantial service improvements. An Electronic Health Record (EHR) system stands out as a prime example of a digital tool designed to alleviate care fragmentation. However, effectively introducing or managing such a system within your organization is a considerable challenge. As various departments in health systems integrate new technologies, a common issue arises: these technologies often lack interoperability, causing frustration and additional workload for staff.

Working towards better interoperability can alleviate some of the difficulties surrounding operations. Interoperability facilitates the exchange of health data between different systems, creating a more streamlined and effective health information ecosystem. This lessens the strain on those using and accessing the data. Digitizing and automating services, whether through third-party vendors or within the existing Electronic Health Record (EHR) system, is beneficial. It relieves healthcare workers from mundane administrative tasks, enhancing efficiency. (Note: that initiatives involving patient data sharing require significant involvement from your organization’s IT security and compliance stakeholders.)

Where to start: Modea recommends departments, such as marketing and IT, come together and audit the current technologies as well as the needs of the organization. Have you thought about creating journey maps for your staff? Consider how different members of your staff use various technologies and identify areas in their journeys that are complex and burdensome. 

We have worked with clients to create customer journey maps, as well as internal staff journey maps, so reach out to us if you would like to talk more in depth on this topic. 

2. Investing in Intranets For Staff and Providers   

investing in intranets for staff and providers which helps employee retention

An intranet is a private network within an organization and is used to securely share information and resources amongst employees. It encourages communication and allows employees to easily access important training, forms, and applications. An often overlooked digital tool in healthcare, an intranet, serves as a valuable tool and a facilitator in communication and employee engagement

Engaged employees are notably 87 percent less likely to leave an organization compared to their disengaged counterparts. Intranets offer social and collaborative features like comments, direct messaging, and document sharing. These features facilitate seamless communication and information sharing across departments, promoting efficiency and higher levels of engagement among staff.

Where to start: While most healthcare organizations have an intranet in place, they often lag in updates or improvements. We recommend initiating a survey for all employees to share feedback on their use of the existing intranet and suggest improvements. Recognizing diverse user needs, segmenting audiences can enhance tailored experiences. Ensuring anonymity encourages staff to candidly address daily challenges, aligning the organization on leveraging this data for meaningful changes. In the context of rising burnout among healthcare workers, prioritizing internal resources is as crucial as external patient-facing digital tools.

3. Open Scheduling and Online Visits

split image of a virtual appointment and an in-person appointment which helps staff shortages

On average, virtual appointments save patients and providers approximately 105 minutes compared to in-person care, eliminating the need for travel and waiting room time. Despite these advantages, healthcare organizations may be slow to adapt and implement the necessary digital tools for scheduling and facilitating online visits. Introducing open scheduling, allowing patients to make same-day appointments, can alleviate the stress healthcare workers experience when accommodating patients for the earliest available slots.

Embracing a hybrid care model offers positive upstream impacts, providing patients with easier access to the care they need, irrespective of their location and circumstances. Adopting a “consumer-first” approach to digital tools, enabling patients to search and find the right doctor for their condition, alleviates the staff burden of handling unnecessary calls and inquiries. This approach allows healthcare workers to concentrate on other essential tasks.

Where to start: Modea recommends beginning with organizational alignment on the approach to online scheduling and a hybrid care model. The most common barrier is open scheduling and provider reluctance to implement this due to less control over their schedules. 

4. Enable a Self-Service Patient Experience 

self-service patient experience using a healthcare website which boosts engagement

The information available on a healthcare website can assist patients in assessing whether they require care based on their symptoms. Access to accurate online information can prevent unnecessary appointments or visits to the wrong provider. Empowering patient self-service reduces the time and effort healthcare workers spend on scheduling and managing low-value appointments. Open scheduling serves as another form of patient self-service. Prioritizing healthcare staff’s time with patient-focused, streamlined solutions benefits both healthcare workers and patients.

Studies indicate that the U.S. healthcare system delivers a considerable amount of low-value care, defined as medical services with potential harm or high costs that often outweigh the benefits. This wasteful practice can result in overtesting, overdiagnosis, and overtreatment, contributing to an estimated annual cost exceeding $300 billion.

Mitigating wasted resources, time, and administrative work associated with unnecessary or low-value care appointments can be achieved by offering educational resources about conditions and health management on your clinic or hospital’s website. Providing valuable information not only enhances the educational aspect of users’ care journeys but also fosters trust and authority for the health organization. Websites play a critical role in addressing and resolving unmet healthcare needs.

Where to start: We recommend fostering internal alignment on viewing your website not merely as a “website” but as a crucial digital asset and tool for providing patient care. In today’s landscape, consumers can access care globally, and although self-service is unconventional in health management, many hospitals are integrating it. Conducting customer research illuminates patient preferences and desires, reinforcing the significance of digital investments. This approach ensures that your digital initiatives align with the evolving needs and expectations of your patients.

5. Embrace Mobile For All Audiences 

consumers access their care with mobile and boost engagement

Consider your mobile strategy. Having a well-thought-out mobile app that delivers a seamless experience provides another way for patients to trust your organization and access their care on a device most Americans already own. 

Developing a mobile app that revolutionizes how consumers access their care and enhances a healthcare organization’s digital footprint provides a personalized and customized experience unique to both the organization and the patient. This innovation strengthens the relationship with your brand. Mobile health apps are designed to complement in-person and online patient experiences, serving as an additional tool to enhance the overall patient journey. Even with complex Electronic Health Record (EHR) systems like EPIC and Cerner, there are opportunities to personalize the experience and create a proprietary app owned by your organization. Maintaining interoperability and unified data ensures seamless communication between systems, reducing additional workload for healthcare staff.

Value of an Internal Mobile App

Creating an internal mobile app for healthcare staff is a valuable way to enhance and streamline communication for employees who are often on the move within a hospital. This internal mobile app becomes a central hub for all employee needs, providing visibility into benefits and payroll information, enabling the submission and review of IT help desk tickets, offering quick access to company messages and news, facilitating targeted employee communications, and even serving as a platform for nurse schedule management.

To fully reap the benefits of your digital investment, educating patients and staff on how to use the apps will support self-service and increase engagement.  

Where to start:  Conduct thorough research on your competitors to understand the offerings and digital experiences they provide to their patients. When considering the development of a native mobile app or modifying an existing one, Modea can assist in the planning process and provide insights into the reasons supporting different approaches. With extensive experience in healthcare mobile apps, Modea can guide your organization towards creating the ideal mobile asset. Whether developing tools for internal use or patient-facing purposes, it’s crucial not to overlook the importance and convenience of mobile applications.

In Conclusion

As healthcare systems grow more complex and face constant pressure from both patients and internal stakeholders to enhance their digital tools and experiences, the introduction of emerging technologies adds to the challenges. To address healthcare burnout and foster cohesive communication between patients and providers, healthcare systems can benefit from collaborating with specialized technology consultants. This partnership aims to facilitate a seamless digital transformation journey, ensuring the effective integration of advanced technologies into the healthcare landscape.

Thinking about how your company needs to digitally transform? Modea can help you strategize and utilize the right tools for you. 

Digital Tools to Improve Access to Care for Rural Populations

individual trying to find the closest hospital in a rural area

By nearly every objective measure of health, people who live in rural areas are doing worse than those who live in urban and suburban areas.

This health gap between rural and non-rural has persisted for many years. It’s an area of focus for many hospitals and health systems, who are leveraging every digital and analog tool at their disposal to close the gap.

Your digital customer-facing platform can be one of those tools.

In fact, digital investments can help healthcare providers advance health equity by improving access to care for many underserved populations, including rural communities.

But first, you have to understand who your customers are. With hospital consolidation, patient populations are rapidly changing and expanding, and service areas are becoming larger.

In this report, we’ll share some surprising findings about healthcare customers who live in rural communities. And then we’ll help you interpret what these data points might mean for your hospital or health system.

What We Know About Health in Rural Communities

When compared to those who live in less geographically isolated areas, the 61 million Americans who live in Tribal or rural communities are less likely to get the care they need and more likely to have worse health outcomes. They have an increased risk of heart disease, stroke, cancer, and lung disease, and have a higher risk of dying by suicide or having substance use disorder.

61 million Americans who live in tribal or rural communities are less likely to get the care they need and more likely to have worse health outcomes

Too often, rural residents don’t get the care they need, when they need it. In fact, that lack of access to quality healthcare is one of the biggest contributors to the increased risks and poor health outcomes for rural Americans.

Shortages of doctors and hospitals in rural areas only widen the gap, with two-thirds of hospital closures in the last decade happening in rural areas. Not only that, just 12% of physicians practice in rural communities, where there are also shortages of nurse practitioners, dentists, and social workers.  

just 12% of physicians practice in rural communities

Hospitals and health systems want to solve this problem. From sponsoring public health initiatives to applying for Critical Access Hospital status, these organizations are leveraging various tools to help address health inequities in rural areas.

However, as a health system or hospital, you have another very powerful tool: Your website and mobile experience.

The Data in This Report

Our clients—which include local, regional, and multi-state health systems—often cite improving access to care as one of the reasons they are investing in digital. But what does digital access look like for people who live in rural areas?

To answer that question, among others, we recently conducted independent research, surveying more than 1,200 individuals across the U.S. We wanted to learn more about how they access care, and what keeps them from accessing care. We also combed through other research on healthcare access for rural Americans.

What we gleaned can help hospitals who are seeking to better serve those who live in geographically isolated areas.

The Big Idea

Investing in and improving customer-facing digital tools can increase access to care for many underserved populations, including rural communities.

investing in and improving customer-facing digital tools can increase access to care for many underserved populations

Key Finding #1: Rural Users More Likely to Rely on Smartphone, Less Likely to Have Computer

In our survey, about 90% of respondents living in rural areas reported having a smartphone.

smartphone ownership graph of rural, urban, and suburban populations

Surprisingly, smartphones were more common among rural individuals (90.1% ownership) than urban (80.7%) or suburban (about 85.4%).

Individuals living in rural communities were the least likely to have either a desktop computer or a laptop computer (while 79.8% reported owning one or the other, only 45.8% of rural Americans reported owning a desktop computer). A 2021 Pew Research Center survey confirmed this, finding that while smartphone ownership had increased significantly over the last 3 years, ownership of desktop or laptop computers stayed flat. 

These two points together mean that rural users are most likely to use their smartphone when searching for care, and least likely to use a computer

For this reason, the healthcare websites most accessible to rural users are those built to be mobile first. This means that the design and function of the website is built thinking of mobile first, and desktop second. 

Key Finding #2: People Living in Rural Areas Are Less Likely to Have Broadband Access

people living in rural areas are less likely to have broadband access

Compared to those living in urban or suburban areas, rural individuals are nearly two times more likely to lack broadband access.

A Peterson Center on Healthcare and Kaiser Family Foundation report found that, in 2019, 13% of people in nonmetropolitan areas lacked internet access at home (compared to 7% of people in metropolitan areas).

Not only does this finding underscore the point that mobile-first matters for rural users, it also is a reminder that not all users with a smartphone have internet access. This is another reason why they tend to be smartphone-dependent. 

Furthermore, if they are leveraging a cellular network to connect, their page load times will be longer. The longer the page load time, the higher the bounce rate tends to be.

This is why it’s important to work with UX designs and web engineers who know how to design and build for optimal page load time.

It’s also an important consideration for telehealth, in that you have to understand how your users will connect and what types of technology are most accessible over cellular networks.

Key Finding #3: Rural Users Are Willing to Drive

When we asked about barriers to care, rural respondents were slightly more likely to cite issues with work and childcare than urban and suburban ones. But surprisingly, they were less likely to flag transportation or distance as barriers, compared to urban individuals.

graph of barriers to receiving care from individuals in urban, suburban, and rural areas

One explanation is that people living in urban areas may be less likely to have a car, and if the subway or bus line isn’t near where they go for care, it limits them.

We do have to acknowledge that much research has focused on the travel burden for people living in rural areas, with one study finding that rural residents traveled more than twice the distance (nearly 18 miles) as urban residents (about 8 miles) for healthcare. In that same study, more than 55% of rural residents identified the cost of gas and the financial expense of travel as barriers, compared to 45% of urban residents.

But what our data suggests is that a hospital’s service area may be larger than they think. This is especially true with hospital acquisition and consolidation. People living in rural areas may be willing to drive further—even to the next hospital over—if they think the care is better or if booking an appointment from their phone is easier. 

Hospitals must be aware that their competitive set is becoming broader, which has strong marketing implications. Are you really reaching your full demographic?

Key Finding #4: Rural Users Most Likely to Use Family for Finding Care, But Also More Likely Than Other Cohorts to Use App

We asked respondents a series of questions about how they prefer to research a condition and how they prefer to find care.

Rural residents are the most likely to want to talk directly to their doctor, both to find care and to research care. They are also the most likely to turn to family for both things. This suggests they put their faith in people over technology, which makes sense if we think about rural individuals living in small, tightly knit communities. They value personal connection when making healthcare decisions.

graph of how do urban/suburban/rural survey respondents research and find care

However, they are almost as willing as other cohorts to use Google or a hospital website for researching care. And most interesting, rural users were more likely than either urban or suburban users to use an app to find care. That said, they are less likely to use an app to research care, preferring to turn to people for help making decisions. In essence, they are the happiest of all the cohorts to use an app to make an appointment – or to leverage technology to get in front of a provider as quickly and efficiently as possible. 

graph of comfort using mobile app to find care

Building a proprietary hospital app is a significant digital investment, but it gives hospitals complete control over the digital experience, allowing them to customize for their customers. 

We know from previous research on customer preferences regarding hospital apps that convenience and ease of use are the top factors. And the way to ensure your customers can do the key tasks they care most about is for your hospital to own the app, just like any other digital property.

Key Finding #5: Telehealth Has Vast Potential for Rural Communities

Telehealth has vast potential for rural populations

The Covid-19 pandemic dramatically increased the number of people using telemedicine. For people living in rural areas, telehealth can be a more accessible way to talk to a provider. A 2022 study showed that people in rural areas have strong interest in telemedicine and mostly positive experiences.

In fact, the CDC is supporting specific telehealth projects in rural areas, including stroke and cardiac rehab, diabetes prevention and management, tobacco cessation, and epilepsy management.

Building a sustainable telehealth platform can involve regulatory and operational challenges for health systems, and it brings up many questions. Do you have providers who will offer video visits? Do you have the security you need to keep visits compliant? And for rural users, a big watchout is making sure the platform is set up in a way that allows them to access from mobile only. 

For hospitals and health systems reaching rural America, telehealth should always be part of the digital discussion. In other words, if you’re investing in your digital platform and you’re not even talking about how to integrate telehealth, you’ll find yourself behind the curve. 

Where Do We Go From Here?

At Modea, we believe in the power of a terrific digital customer experience. We work toward creating these experiences for our hospital and health system clients because we believe digital can improve the consumer experience and make healthcare more human and personal. 

But we also believe Americans need better access to healthcare. And building great digital tools that improve access is the difference we can make.  

This is why we want to make sure that hospitals and health systems know the opportunity they have to reach people in rural areas. 

Not sure where to start? We recommend that hospitals work to gain clarity on these 3 things.

  1. Know your customers. Has your service area expanded in the last few years? We see this with our health system clients who are buying hospitals or consolidating. If it’s been a while since you’ve done Voice of the Customer research or mapped your customer journey, now is the time. (Learn more about what digital roadmapping looks like.) 
  1. Know what your data is telling you. Do you understand how customers in different zip codes are interacting with your digital properties? Do you know what devices they are using to access your website? Do you know where they are getting lost in the process and where they are converting? Your data tells a powerful story, if you know where to look. (Learn more about the analytics and BI work we do.)
  1. Know where the gaps are in your digital tools. If you haven’t audited your digital tools with an eye toward access to care, particularly for historically underserved populations, you likely don’t know what you don’t know. Talk to us today about a Digital Equity Audit. 


ViVE ’23 Recap

ViVE conference

Recently the Modea team had the opportunity to attend ViVE, a digital health conference, in Nashville. In addition to connecting with clients and colleagues, we got to hear from some of the most innovative and influential minds and brands in healthcare. 

ViVE aligned closely to our Modea vision of making healthcare more human and personal. We learned how players ranging in size from new startups through technology giants are investing in the digital healthcare space, with collective missions to improve the patient and provider experiences. 

Here are the major themes we heard for how innovators are looking to disrupt and improve healthcare.

Theme 1: Interoperability

Interoperability in healthcare refers to the seamless communication between various systems, technologies, applications, and tools to enhance the overall experience for patients, providers, and health systems. In the face of a growing array of technological solutions, maintaining a commitment to interoperability is crucial. This ensures that different devices and applications can effectively communicate and exchange data.

In practical terms, interoperability means the efficient sharing of patient health information (PHI) between the electronic health record (EHR) and other tools. Given the involvement of PHI, preserving patient privacy is of utmost importance. However, achieving the necessary privacy sometimes involves deidentifying patient data, potentially leading to the loss of key data diversity or information about Social Determinants of Health (SDOH) for individuals (see Theme 2). Addressing the challenge of achieving interoperability while maintaining a holistic view of the patient population is a complex task that many in the healthcare industry are actively addressing.

While retail health options bring benefits to consumers by reducing costs and introducing a more consumer-oriented mindset to healthcare, they also contribute to increased fragmentation. Disjointed or fragmented health data across systems can result in care redundancy, inefficiency, and frustration. In the era of healthcare consumerization, ensuring interoperability remains imperative for fostering patient engagement in their care.

healthcare digital solutions

Modea’s takeaway: Invest in digital solutions that fit into your existing workflows and systems to promote, rather than hinder, interoperability.

Theme 2: Health Equity/Social Determinants of Health

There was a lot of discussion around making healthcare delivery more equitable. Social Determinants of Health are the social, environmental, and economic factors that people are born into that affect their health outcomes. Notably, an individual’s zip code stands out as a pivotal determinant of health outcomes. Therefore, when zip code data is de-identified or removed from patient data, crucial facets of health information are overlooked.

Reimbursements, particularly those from Medicaid, play a crucial role in discussions about health equity. The accessibility of certain healthcare services hinges on reimbursement. Without proper reimbursement, lower-income or underserved individuals may face barriers to accessing essential services or treatment options. For example, if healthcare services provided at a community clinic aren’t reimbursed by Medicaid, and that clinic serves a low-income patient population, it diminishes the ability of that population to access necessary care.

There are a ton of startups using predictive analytics to create more equitable care experiences, and we’re interested to see how hospitals and health systems leverage these tools in the future.

Two of these startups we heard from:

alvee logo
pear suite logo

Modea’s takeaway: There are countless angles from which to address health equity and healthcare disparities. Understanding your patient population is a great place to start.

health equity

Theme 3: Physician Burnout

For physicians reading this, there’s no revelation here. Burnout is a prevalent issue, intensified by additional burdens during the pandemic.

Administrative burden contributes significantly to physician burnout. Regrettably, the introduction of new digital solutions doesn’t always alleviate this burden; at times, it even adds to it. This underscores the crucial need for innovations to seamlessly integrate into existing physician workflows, fostering efficiencies rather than complicating processes.

Physician burnout and early retirements are forcing health systems to resort to hiring contract workers, incurring significantly higher costs. These contract labor expenses stand out as a major contributor to the decline in health system margins. Mitigating physician burnout not only enhances physician retention and financial outcomes but also ensures that physicians and clinical staff can deliver optimal care to patients.

The most promising category of solutions to combat physician burnout? Generative AI, as Theme 4 below details. However, generally speaking, tools that promote physician productivity without introducing additional complexities will improve both the provider and patient experiences.

Modea’s takeaway: Treat your physicians and other staff as you would any customer segment. Their loyalty, engagement, and happiness are key to your health system’s success.

image of physician multitasking

Theme 4: AI

Not surprisingly, AI was the most common theme of the conference. Apart from the word “leverage” (what’s a business conference without it?), “ChatGPT” was the phrase we heard most.

Physicians are enthusiastic about the potential applications of generative AI in personalized treatment planning, diagnostics, clinical decision-making, enhancing clinical productivity, and sifting through extensive EHR data to reduce errors and inform decisions.

Our client, the American Medical Association, hosted an event spotlighting physician innovators and startups who can connect online (or IRL, as was the case at ViVE) via the Physician Innovation Network. During that spotlight we heard several physicians express excitement about the potential of generative AI, so long as the right guardrails are in place.

image of digital health with AI

Modea’s takeaway: AI isn’t going anywhere, and is getting more advanced all the time. While its implications remain to be seen, it’s important to educate yourself on its applications and potential.

Theme 5: Consumerization of Healthcare

The consumerization experience and recognizing patients as consumers remain prominent topics across startups, providers, and big tech companies. This theme has been a consistent focus for us at Modea, and its relevance shows no signs of diminishing in the foreseeable future. 

The shift to retail health (think traditional retailers getting into the healthcare game, such as Dollar General and Amazon) is changing consumer expectations of healthcare. Consumers are seeking convenience, transparency, and lower costs, and they’re finding it more easily with these nontraditional “providers.” 

A key aspect often discussed in healthcare consumerism is the drive toward personalizing the patient experience. Patients are actively pursuing personalized care on their own terms, utilizing tools like at-home diagnostic kits and wearables. In this context, patients are increasingly open to sharing their health data, particularly when it offers faster access to information about a condition or potential treatments. Healthcare systems that provide personalized digital experiences witness heightened patient engagement, benefiting from streamlined access to care and information.

Modea’s takeaway: Care and health are increasingly happening outside the walls of the hospital. We need to meet consumers where they are, through a combination of digital and analog care solutions.

mobile app images

In the ever-evolving landscape of healthcare, organizations grapple with top-priority initiatives amidst challenges like shrinking margins. However, we envision a bright future driven by technology, innovation, and tools that promise enhanced and timely patient care. In this evolution, we anticipate a stabilization of staff shortages and burnout, with patient journeys becoming more personalized and streamlined.

We look forward to being a part of this future and working to help organizations establish and nurture better relationships with their consumers and patients. 

Digital Tracking and Collection: See, Store, Share Wisely

laptop with a secure cloud which highlight the security needed for digital tracking

Digital tracking, a longstanding practice, involves companies using codes and scripts to monitor user behavior on websites or mobile apps. The primary aim is to enhance marketing decisions for a personalized user experience, benefiting both parties when implemented correctly. However, poor execution or the unauthorized sale of collected data to third parties without consent raises serious concerns on various levels.

In healthcare, providers use tracking on consumer-facing products to enhance the digital care journey. However, healthcare tracking is more intricate than in e-commerce. The data collected often involves sensitive information or Protected Health Information (PHI), adding complexity to when and how tracking can be employed, irrespective of intent.

The ever-changing landscape of consumer preferences, digital device usage, and privacy expectations prompts ongoing revisions in rules governing data tracking in healthcare. HIPAA, established in 1996 and supplemented by Privacy and Security Rules in 2003, addresses these concerns. With the surge in technology use and escalating online data sharing, there’s an amplified focus on the collection and use of Protected Health Information (PHI), further intensified by recent data breaches.

A bulletin from the Department of Health and Human Services details guidelines for HIPAA-covered entities and business associates on the use of online tracking technologies. The document provides insights into how healthcare organizations, termed ‘regulated entities’ under HIPAA, should navigate digital tracking and measurement.

What do the new guidelines mean for your organization?

The HHS decisively spells out that a ‘regulated entity’ cannot improperly share PHI with a third party:

Regulated entities (note: healthcare organizations = ‘regulated entities’) disclose a variety of information to tracking technology vendors through tracking technologies placed on a regulated entity’s website or mobile app, including individually identifiable health information (IIHI)19 that the individual provides when they use regulated entities’ websites or mobile apps. This information might include an individual’s medical record number, home or email address, or dates of appointments, as well as an individual’s IP address or geographic location, medical device IDs, or any unique identifying code.

20 All such IIHI collected on a regulated entity’s website or mobile app generally is PHI, even if the individual does not have an existing relationship with the regulated entity and even if the IIHI, such as IP address or geographic location, does not include specific treatment or billing information like dates and types of health care services.21 This is because, when a regulated entity collects the individual’s IIHI through its website or mobile app, the information connects the individual to the regulated entity (i.e., it is indicative that the individual has received or will receive health care services or benefits from the covered entity), and thus relates to the individual’s past, present, or future health or health care or payment for care.22

Put plainly, the above excerpt underscores the importance of ensuring that your healthcare organization, as a ‘regulated entity,’ shares information with third-party vendors or systems in a responsible manner. In essence, refrain from transmitting identifiable PHI to third-party vendors.

Okay, but what about IIHI?

In addition to providing guidelines on PHI collection, the HHS also specifies a broad range of IIHI (Individually Identifiable Health Information) that should be avoided when collecting data on your digital platforms. For instance, someone clicking on a provider profile on your organization’s website, on its own, doesn’t pose a problem and is acceptable to collect.

However, there are two scenarios where information becomes problematic, or “individually identifiable,” and should not be collected or transmitted to a third party: first, if an individual can be reasonably identified (through the collection of commonly identifiable information like names, phone numbers, or IP addresses), and second, if that information is shared with third parties.

Want to avoid problems? Avoid collecting IIHI as much as possible. 

There are three primary offenders of personal information tracking that make it individually identifiable:

  1. Precise geolocation
  2. IP Address or other unique identifiers (think advertising)
  3. Personal information is entered in text input fields (think a form or login)

What is the best way to ensure we’re not passing identifiable data to third-party vendors?

The bulletin, helpfully, distinguishes three broad categories of digital properties: 

  1. User-Authenticated web pages (requires a user to login, such as MyChart)
  2. Mobile Applications (delivered by and on behalf of a healthcare organization)
  3. Unauthenticated web pages (does not require a login, like your standard consumer-facing website)

Let’s break each of these down a bit more with the important information you should know.

User-authenticated web pages: 

A user-authenticated web page, like MyChart in healthcare, requires users to log in with identifiable information for access. The simplest solution is to avoid placing third-party tracking, such as pixels or session-recording software, on your MyChart or patient portal instance.

If you require meaningful user behavior tracking from a MyChart instance, explore secure options like an on-premise server using Matomo or a custom tracking implementation (though these can be costly). If opting for the free Google Analytics tools, consult with an implementation expert to ensure secure setup.

Mobile applications: 

mobile app which help manage non-identifiable data for tracking

Mobile applications, especially those listed with EPIC or Cerner integrations, have a higher likelihood of exposing PHI. For example: if you are using biometrics to let a user access the application, that is personal health information. 

It is important to take the necessary steps to ensure that data cannot be identified BEFORE collection. Cleaning post-collection is not good enough as the third-party vendor can’t filter the field in their database after collection and be able to say ‘great! we’re done!’ De-identification must be done before the point of collection.

How to manage this: 

  • For mobile applications, GA4 automatically masks IP addresses by default. 
  • Most mobile applications for healthcare do not log the precise location of a user, but those with wayfinding built-in may be at risk — especially if that wayfinding data is passed to or stored with any third parties.
  • Additionally: Advertising should be disabled for mobile applications.  
  • The guidance mentions DEVICE ID, but to clarify: our understanding is that “device ID” is assigned to the individual phone/laptop/tablet by the manufacturer, not the value reported by Google Analytics. That refers to a unique app installation ID, and one device or individual could have multiple app installation IDs.

If these conditions are met, you can prevent most PHI from being collected as well as prevent identifiable PHI from being passed to third parties.

Unauthenticated web pages:

Unauthenticated web pages are ones that don’t require the user to log in. In other words, your standard-issue, publicly available internet web page. The majority of health system digital properties fall under this category. As the HHS guidance states, as tracking technologies on these unauthenticated webpages generally do not access PHI, HIPAA regulations generally do not apply. 

However, HHS does indicate two instances in which IIHI could be exposed or collected: 

  1. The login page of a patient portal, linked to from the main unauthenticated website
  2. A search for symptoms or an appointment request form that doesn’t require authentication, but does require a user to enter personal information

How to manage these risks:

  1. Do not allow third parties to collect keystrokes or any information entered on a form, whether via tracking or session recording. (Many organizations use tools like HotJar, CrazyEgg or Inspectlet to record sessions and better understand user behavior. Be extremely mindful of using these tools on healthcare websites. Read the fineprint and understand what these tools do and do not collect – and what they can and cannot be configured to do.)
  1. Do not collect individual IP addresses. GA4 automatically masks IP addresses by default. If you haven’t upgraded to GA4, develop a plan to do so very soon. Also, once more, turn off the advertising ID for Google Analytics.

Managing these areas can help mitigate risk to avoid collecting IIHI on your digital properties.

keeping your marketing data de-identified which helps with digital tracking

Keep your marketing data de-identified.

There is one additional area of considerable risk: your Google Tag Manager account.

GTM accounts often harbor neglected and outdated marketing pixels, custom HTML tags for specific campaigns, and other third-party insertions. Look through your existing GTM account and audit your marketing pixels and their configuration. Remove any that are unnecessary, and make sure you understand what they are collecting. 

Pixels come with their own configuration and can send information to a third-party vendor that the vendor then controls. Once a third party gets data from a pixel, it can freely use and even resell the information to others. Be extremely mindful of what information these marketing pixels are collecting.

With those points in mind, you should be well set-up to keep your data de-identified.

In conclusion

Use this guide to ensure your organization complies with the latest HHS and HIPAA guidelines on PHI and IIHI.

If you want the TL; DR version or need to share key takeaways with others in your organization, here you go:

  1. Turn off advertising ID to prevent unique advertising ID sharing. 
  2. Upgrade to GA4. (We recommend this for many reasons, not least of all that older versions of Google Analytics are being sunset July 2023. In this case, the upgrade to GA4 is critical to ensure automatic IP address masking).
  3. Be extremely mindful of collecting user-entered text or login credentials. If you are using session-recording software, thoroughly review the documentation and configuration of your software to ensure no text or keystroke inputs are being collected, stored, or shared.
  4. Make sure that third-party tags and pixels in your Google Tag Manager account are in place only to collect the most critical information, and nothing more.