What Is Google Ads?
Google Ads is a pay-per-click (PPC) advertising platform that allows businesses to display their ads on Google’s search engine results pages (SERP) and other Google properties, such as YouTube and Gmail. When someone searches for a keyword that is relevant to your business, your ad may appear at the top of the search engine results page. You only pay when someone clicks on your ad, so you can control your advertising budget. Google Ads offers a variety of ad formats, including text ads, display ads, video ads, and shopping ads. You can also target your ads to specific demographics, interests, and even locations.
Healthcare marketers can use Google Ads to reach the following audiences:
- Patients who are searching for information about specific health conditions. These patients are likely to be in the early stages of their research, so they are open to learning about new products and services.
- Doctors and other healthcare professionals who are looking for new products or services. These professionals are often looking for ways to improve the care they provide to their patients, so they are a valuable target audience for healthcare marketers.
- Patients who are considering making a purchase or making an appointment. These patients are already in the decision-making process, so they are a key audience to market to.
Google does have specific advertising policies that apply to some Healthcare products and services including pharmaceuticals, speculative and experimental medicine, clinical trial recruitment, health insurance, and addiction services. In order to advertise pharmaceutical products or addiction services, a LegitScript certification is required. In order to advertise health insurance, a G2 certification is required.
What Data Does Google Ads Collect?
Google Ads collects a variety of data about its users, including:
- Device information: This includes your device’s IP address, operating system, and browser type.
- Search history: This includes the keywords you’ve searched for and the websites you’ve visited.
- Ad interactions: This includes whether you’ve clicked on an ad, how long you’ve viewed an ad, and whether you’ve taken any other action after seeing an ad.
- Location data: This includes your approximate location based on your IP address.
- Session data: This includes your web browsing history.
Is Google Ads HIPAA-Compliant?
According to the updated guidance from the Department of Health and Human Services, there isn’t a clear yes/no answer. However, knowing that Google Ads will not sign a Business Associate Agreement (BAA), we think using Google Ads, specifically when using conversion tags, does pose a risk.
Furthermore, there are also some tactics available in Google Ads that aren’t unique to that platform but are never HIPAA-compliant, such as remarketing and lookalike audiences. It is also important to consider other tools that have access to your Google Ads data, including optimization and data visualization software.
As with anything HIPAA related, compliance tends to lie on a spectrum of your risk tolerance as well as the steps you take to mitigate as much risk as possible. Some risks can be mitigated in Google Ads by taking advantage of options to enhance data privacy. These options include using server-side tagging, never using audience imports, remarketing audiences, or enhanced measurement, and not tagging pages that could potentially pass PII/PHI in URL parameters.
It’s important to connect with your legal team to determine how best to move forward. Listen to our HIPAA & FTC 101 podcast for more information about changes for healthcare companies.