Brand Purpose Healthcare Open Mic

3 ways healthcare marketers can navigate the shifting data privacy landscape



Open Mic article

This content is produced by a publishing partner of Open Mic.


April 30, 2024 | 6 min read

For The Drum's Healthcare & Pharma Focus Week, Acxiom's Brady Gadberry (SVP, head of data products) and Jordan Abbott (chief data privacy officer) talk data compliance and audience engagement in the healthcare sector, and share insights on regulatory frameworks, privacy laws, and ethical considerations.

Health data on fit-bit style watch faces

Right now, most brands are reassessing how to connect with and grow their audiences. This is part necessity, with cookie deprecation looming (albeit not until next year, as recently announced), and part opportunity as generative artificial intelligence (AI) continues to redefine the madtech art of the possible.

Whatever the impetus, building out high-quality first-, second-, and third-party data remains a central pillar of engagement strategies. But for brands looking to carve their niche in the $7.98tn global healthcare services market, customer data strategies are extremely complex.

For marketers in healthcare, the shifting regulatory dynamics, as well as the sensitivity of the data and the potential for mishandling it, can lead to complications and legal woes when sourcing, modeling, and activating audiences.

To help navigate these complexities (and build compliant, valuable audiences), here are three key points to consider.

1. Keep pace with consumer privacy regulations

Embracing privacy laws requires understanding their nuances. In the UK and much of Europe, the General Data Protection Regulation (GDPR) regulates the use of healthcare data for marketing. In the USA, however, there’s no single data privacy framework. Instead, there are multiple overlapping and interconnecting regulations.

At the federal level, healthcare advertising is regulated by key frameworks like Section 5 of the Federal Trade Commission Act, the Health Breach Notification Rule (HBNR), and the Health Insurance Portability and Accountability Act (HIPAA). States, including California, Washington, and Nevada, have also enacted their own robust privacy laws for an extra layer of protection.

For brands aspiring to a benchmark higher than basic legal compliance, healthcare interest marketing should also align with industry best practices, such as those recently outlined by the Network Advertising Initiative (NAI).

Successful healthcare interest advertising requires a solid grasp on, and strict adherence to, the complex regulations governing the use of health-related data. Navigating these rules is challenging but essential to avoid joining the growing list of brands charged by the Federal Trade Commission (FTC) with alleged health-related data use violations.

2. Use de-identified data

The sensitivity of protected health information (PHI) makes de-identification a prerequisite for many use cases. In order to stay HIPAA-compliant, brands building audience models in this space must ensure personally identifiable information (PII) is either removed or appropriately tokenized.

Typically, this de-identification process involves replacing any personal identifiers with encrypted tokens to prevent re-identification – similar to how the banking industry handles credit card transactions.

Once tokenized, it is best practice to verify legal compliance before beginning the audience modeling process. The safest method for ensuring compliance is through ‘expert determination,’ using independent third-party organizations to audit and certify that your health-related audience data and processes are free from risk of re-identification.

As an important sidebar, these models should be used solely to help predict interest in information about conditions, treatments, and products or services, not to target individuals on the basis of indications of their medical conditions.

3. Commit to stringent transparency

When it comes to using health-related information, the FTC states, “It’s crucial to disclose all material information to consumers about how you’re using and disclosing their sensitive health information.” 

Healthcare marketers should be open, comprehensive, and honest. Say what you do and do what you say. Brands that are transparent on health data usage and have safeguards to protect it can withstand regulatory scrutiny with confidence and focus on positive commercial impacts.

One such safeguard involves regularly re-verifying the integrity and anonymity of health data. As regulatory frameworks like HIPAA, HBNR, and GDPR evolve, once-compliant datasets can become non-compliant due to changes in regulations or court interpretations. Companies must also be cautious of 'sensitive inferences,' where typically non-sensitive information becomes sensitive (and potentially legally actionable) when used to infer health conditions.

Again, having an independent expert issue a determination that there is minimal risk of re-identification ensures (and demonstrates) substantial compliance with privacy regulations. It’s also prudent to require external data providers to show that they, too, have undergone similar validation processes.

Combat complexity with confidence

Navigating the complexities and legal and reputational risks of data use in healthcare interest marketing is no small feat, even for seasoned marketing professionals versed in sourcing, modeling, and activating audiences.

To address these concerns, many healthcare brands enlist partners to provide and evaluate the data and support in-house data science teams and agencies that build and activate healthcare interest audiences. These experts can help guide brands through the regulatory maze and help them avoid potential pitfalls so they can benefit from impactful marketing strategies with a solid, ethical data foundation.

Choosing the right data partner is critical. Look for one with a proven track record of success in the healthcare interest arena, one with regulatory expertise that understands NAI best practices, data provenance, de-identification, and expert determination. By partnering wisely, you can boost audience engagement and fortify compliance confidence.
