Marketing

The Privacy Rule’s limitations on the use or disclosure of protected health information for marketing purposes do not exist in most States today.

Read the full answer

Under the HIPAA Privacy Rule, a covered entity can share protected health information with a telemarketer only if the covered entity has either obtained the individual’s prior written authorization to do so, or has entered into a business associate relationship with the telemarketer for the purpose of making a communication that is not marketing, such as to inform individuals about the covered entity’s own goods or services.

Read the full answer

The HIPAA Privacy Rule expressly requires an authorization for uses or disclosures of protected health information for ALL marketing communications, except in two circumstances:

Read the full answer

The overlap among common usages of the terms “treatment,” “healthcare operations,” and “marketing” is unavoidable.

Read the full answer

Generally, no. To the extent the disease management or wellness program is operated by the covered entity directly or by a business associate, communications about such programs are not marketing because they are about the covered entity’s own health-related services.

Read the full answer

No. The HIPAA Privacy Rule excludes from the definition of “marketing” communications made to describe a covered entity’s health-related product or service (or payment for such product or service) that is provided by, or included in a plan of benefits of, the covered entity making the communication.

Read the full answer

The HIPAA Privacy Rule excludes from the definition of “marketing,” communications by a covered entity to describe the entities participating in a health care provider network or a health plan network.

Read the full answer

No. The HIPAA Privacy Rule excludes from the definition of “marketing,” communications about replacements of, or enhancements to, a health plan.

Read the full answer

The provision of value-added items or services (VAIS) is a common practice, particularly for managed care organizations.

Read the full answer

Yes. It is not marketing for a doctor to make a prescription refill reminder even if a third party pays for the communication.

Read the full answer

Alternative treatments are treatments that are within the range of treatment options available to an individual.

Read the full answer

No. In a specific exception, the HIPAA Privacy Rule allows covered entities to distribute items commonly known as promotional gifts of nominal value without prior authorization, even if such items are distributed with the intent of encouraging the receiver to buy the products or services.

Read the full answer

In face-to-face encounters, the HIPAA Privacy Rule allows covered entities to give or discuss products or services, even when not health-related, to patients without a prior authorization. This exception prevents unnecessary intrusion into the doctor-patient relationship.

Read the full answer

No. In the specific case of face-to-face encounters, the HIPAA Privacy Rule allows health plans and their business associates to market both health and non-health insurance products to individuals.

Read the full answer

The Privacy Rule makes it clear that nothing in the marketing provisions of the Privacy Rule are to be construed as amending, modifying, or changing any rule or requirement related to any other Federal or State statutes or regulations, including specifically anti-kickback, fraud and abuse, or self-referral statutes or regulations, or to authorize or permit any activity or transaction currently proscribed by such statutes and regulations.

Read the full answer

Yes, if the communication is for the individual’s treatment or for case management, care coordination, or the recommendation of alternative therapies.

Read the full answer

No. Communications about government and government-sponsored programs do not fall within the definition of “marketing.”

Read the full answer

275-Does HIPAA expand the ability of providers to use my protected health information

277-Can telemarketers obtain my health information and use it to call me to sell good and services

278-When is an authorization required from the patient before a provider or health plan engages in marketing to that individual

279-How can I distinguish between activities for treatment or health care operations versus marketing activities

280-Do disease management, health promotion, preventive care, and wellness programs fall under the HIPAA definition of marketing

281-Is it marketing for a covered entity to describe products or services that are provided by the covered entity to its patients

282-Is it marketing for a covered entity to describe the entities participating in a health care provider network or a health plan network

283-Is it marketing for an insurance plan or health plan to send enrollees notices about changes to existing plans

284-Can health plans communicate about health-related products or services to enrollees that are not part of a plan of benefits

285-Can a doctor or pharmacy be paid to make a prescription refill reminder without a prior authorization under the HIPAA Privacy Rule

287-What are examples of alternative treatments excepted from the HIPAA definition of marketing

288-Are prior authorizations required when a doctor or health plan distributes promotional gifts of nominal value?

289-Are health care providers required to seek a prior authorization before discussing a product or service with a patient

290-Must insurance agents that are business associates of a health plan seek a prior authorization before talking to a customer

291-What effect do the marketing provisions of the HIPAA Privacy Rule have on Federal or State fraud and abuse statutes

292-May covered entities use information regarding specific clinical conditions of individuals

293-Are communications to beneficiaries about government programs marketing under HIPAA

HHS Email updates