HIPAA Compliant Review Responses

How to Respond to Patients Reviews and be HIPAA Compliant

When your practice starts using Zingit, you finally have an easy way to manage online reviews so it is best to learn some HIPAA compliant review responses. Our system alerts you of reviews left on the most popular sites so you can do an excellent job responding, cultivating further reviews, and attracting new patients to your practice. And we are sure you know—online reviews matter now more than ever. According to eTelling Group, 92% of users read online reviews before selecting a vendor.

Practices that use Zingit can not only encourage more happy patients to leave reviews, but they can have an easier time tracking and responding to the reviews as they are published. We are sure you have had the consumer experience of reading reviews—both positive and negative—when you are online. Responses show that a business is engaged and cares about its customers. Thanking customers for positive reviews boosts the good vibes even further. And offering responses to negative reviews can help curb the impact of any that are negative.

However, because you are in the healthcare industry, you have to be extra mindful of how reviews are addressed. Since online responses to reviews are public, you have to be HIPAA Compliant when you respond. In fact, you can be fined anywhere from $100-$50,000 per violation for revealing private information in a response—which is easier to do than you’d think.

A few interesting HIPAA compliance facts:

• Even if a reviewer acknowledges they are a patient, your response may not indicate the reviewer is a patient.

• Even if a reviewer reveals private information about their health or visit, you are not allowed to talk about specific health-related or visit information.

Does this mean you have to avoid responding altogether? Absolutely not! Responding is an amazing opportunity to show you are engaged and to further positive messaging about your practice—even and especially if the review was negative. You just have to craft HIPAA-compliant responses that respect your patient’s privacy. So what should you do?

Online Review HIPAA Compliance Tips

1. Don’t say names.

This one seems strange—especially when the patient’s name is written in the review. However, just avoid the name altogether as it’s a key in HIPAA compliance.

Instead of: “Thank you, Judy!”

Say: “Thank you!” Or “We love to hear positive experiences!”

2. Be general.

Focus on using “for all patients” language instead of “you” language. Instead of addressing the reviewer directly, turn the response back to your practice and policy.

Example: Instead of: “We are glad you enjoyed your visit.”

Say: “We strive to make visits enjoyable for all patients!”

3. Talk about brand, goals, or policy.

Responses are a great opportunity to further your brand messaging. So instead of addressing a complaint or compliment directly, you can talk about what your goals are or what you strive to do as it relates to the patient’s review.

Example: Instead of “We are sorry you had to wait.”

HIPAA Compliant Review Response: “We know our patient’s time is valuable! Our goal is to see patients at the time of the appointment.”

4. Be positive.

Even if a review is negative, avoid getting defensive. Being defensive most likely will violate HIPAA—you are likely acknowledging specifics if you are responding directly to what happened. Not only that, but it is extremely bad for your brand image. You don’t want readers to see your office as combative, even if a patient’s review is unfair or off-base. At the very least, offer to have a conversation offline. At best, turn it into a chance to talk about the good things you work to do for patients.

Example: Instead of “You were on your phone the whole time we gave you instructions.”

HIPAA Compliant Review Response: “Our goal is always to be extremely clear with our patients. That’s why we offer detailed instructions, and also print take-home instructions and even text them after appointments.”

5. Extend the conversation offline.

Sometimes, because you cannot address a response directly, it’s good to offer to continue the conversation offline. This will have a double-whammy effect: it may help improve the relationship with a dissatisfied patient, and it shows anyone who reads the review that you care to have a personal connection with patients. If the review was negative, it shows you want to make it right.

Example: Instead of “We are sorry and we want to fix this for you.”

HIPAA Compliant Review Response: “We’d love to talk about this further—contact our office manager at XXX-XXX-XXXX.”

Remember, aside from providing excellent care, engaging with patients is the best way to encourage them to keep coming back to your practice! So be sure to track and respond to all reviews—positive and negative. And with a little thought, it’s easy to protect your patients’ privacy and stay HIPAA compliant as you go.

Tracking online reviews is just one small aspect of Zingit—a robust tool that helps you attract new patients, reactivate dormant patients, and fully engage with existing patients, keeping them coming back for more. Interested in learning more about Zingit? Schedule a demo today!