HIPAA & Privacy Compliance for Health Care Marketers

August 6 – September 3, 2025

Health care marketers face unique challenges when navigating privacy regulations and digital marketing strategies. This four-part course provides foundational training on HIPAA, FTC, and state privacy laws, and how they impact marketing practices across tactics, platforms, and technologies. Led by experts in the field, participants will learn how to maintain compliance, mitigate risk, and still execute effective, data-informed campaigns. Through legal insights, practical audits, and case studies, you'll gain the tools to confidently market within today’s complex regulatory environment.

By the end of this course, participants will be able to:

• Explain how HIPAA, FTC, and evolving state privacy laws apply to digital health care marketing strategies.
• Identify and implement compliant marketing tactics and technologies across key channels including paid media, email, CRM, and analytics platforms.
• Assess and manage marketing-related legal risk through audits, agency collaboration, and informed decision-making backed by real case law examples.
   

Register Now 
A discount of 10% is available for groups of three or more from the same organization. 
For more details, please reach out to SHSMD.

Can’t make it to live course? No problem! While we recommend attending all sessions live for the best experience, all registrants will receive access to the session recordings—so you won’t miss a thing.

Module 1 | Compliance Fundamentals for Health Care Marketers

Date: Wednesday, August 6, 11:00 AM – 12:00 PM CT

Speaker: Jenny Bristow, CEO, Hedy & Hopp

The essential compliance training every health care marketer needs. Learn how HIPAA, FTC, and state laws apply to marketing, avoid legal pitfalls, and protect your organization. This fundamentals course will discuss the ever-shifting compliance landscape and how you can audit and manage your organization’s compliance.

• How HIPAA, FTC, and state laws impact health care marketing.
• The rise in class action lawsuits focused on patient privacy (related to marketing).
• How to conduct an audit to understand if your organization is at risk.
• Overview of options to continue using marketing analytics tools (in a compliant way!).

Module 2 | Digital Marketing Compliance Fundamentals

Date: Wednesday, August 13, 11:00 AM – 12:00 PM CT

Speaker: Lindsey Brown, Director of Activation, Hedy & Hopp

Now that you understand the legal and compliance landscape, let’s dig into some digital marketing best practices. In this course, we will review our most commonly used marketing tactics and discuss “watch-outs” for each platform.

• Tactic-specific rules: Paid media, email marketing, CRM, website, and forms.
• Best practices working with an agency or partner.
• State law-specific considerations for marketing tactics.

Module 3 | Analytics and Technology 101

Date: Wednesday, August 20, 11:00 AM – 12:00 PM CT

Speaker: Mark Brandes, Director of Data and Technology, Hedy & Hopp

So now that you understand the compliance landscape and some best practices for each marketing tactic, how do you continue using analytics to measure and report on your campaign success? In this session, we will talk about marketing and analytics technology. We will start with some fundamentals to explain what data is captured at each step, how to ensure it’s compliant, and which tools and technologies are OK to use.

• Marketing Analytics 101: How is data captured, where is it stored, and what is the concern related to compliance.
• sGTM vs CDP: How each works and pros/cons of each setup.
• Alternate tracking methods: UTM, APIs, and pixels (dos and don’ts).

Module 4 | Privacy Law in Practice: Case Studies and Q&A

Date: Wednesday, August 27, 11:00 AM – 12:00 PM CT

Speaker: Chris Allman, Director of Privacy and Compliance, Medically Home
Moderator: Jenny Bristow, CEO, Hedy & Hopp

Chris Allman will review and discuss state and federal privacy cases involving marketing, answer participants’ questions about the application of privacy laws in the real-life cases described, and provide practical risk management takeaways for the listening audience. This session will feature both case studies and interactive Q&A to answer your real-life compliance questions (like, should you really buy that list?).

• Provide update on recently issued state and federal case law opinions.
• Review how privacy cases shape enterprise risk management marketing practices.
• Offer practical Q&A-based guidance for real-world marketing compliance.

Bonus Module | Overcoming Data Challenges

Date: Wednesday, September 3, 11:00 AM – 12:00 PM CT

Speakers: Charlotte Wilson, Senior Director, Digital Engagement, Geisinger; Bill Balderaz, CEO, Futurety & HUCKLE

Geisinger developed a data infrastructure to improve privacy compliance as well as facilitate highly segmented and personalized marketing communications using existing data. In partnership with Futurety, Geisinger can now create patient communications that speak directly to each person's unique lifestyle and demographic traits, all in a HIPAA-safe methodology. The approach taken is flexible and scalable for other business units and can grow with the organization to follow annual KPIs.

• Establishing a strong data foundation.
• Navigating and managing various stakeholders.
• Leveraging AI for insights.

Registrants receive a number of free additional resources, including these on-demand webinars:

• It's a Private Matter: Preserving Trust After a Privacy Breach
• Social Media + Health Care Heroes: A Dynamic Duo

Completion of the course and final exam grants a SHSMD Credential in HIPAA & Privacy Compliance.