Freshpaint at HIMSS 23

Freshpaint helps healthcare providers keep their first-party customer data HIPAA-compliant by default.

Meet Freshpaint to see

🏥 How Freshpaint replaces non-compliant tracking tech
📈 How to make Google Analytics HIPAA-compliant
🗣 How to make ad platforms HIPAA-safe

Click to meet Freshpaint👇

Set a Time to Meet Freshpaint

TRUSTED BY HEALTHCARE

Google & Facebook are not HIPAA-compliant.
But they can be

December's guidance from HHS on tracking technologies was a gut punch to marketers at healthcare providers. Suddenly, tools like Google Analytics, Google Ads, and Facebook Ads are not okay to use because they risk leaking PHI.

That’s where Freshpaint comes in. We replace the non-compliant Google and Facebook tracking technologies with a behavioral tracking platform that keeps you HIPAA-compliant by default.

Freshpaint Makes Google & Facebook Tools
HIPAA-Compliant

Freshpaint replaces your existing tracking technologies that could run the risk of HIPAA violations. Since Freshpaint signs a BAA all visitor and user behavioral data can be collected from your website and stored safely using Freshpaint instead of Google’s and Facebook's tracking technologies.

In order to ensure a safe connection between tools like Google Analytics, Google Ads, and Facebook, Freshpaint loads all the data server side. To eliminate human error and ensure that PHI is never shared with Google Analytics – especially things like appointment date, IP address, and zip code that live in the metadata – the default setting is that Freshpaint doesn’t share any data.

Automatically Apply De-Identification


For a tool like Google Analytics where it’s not safe to send health data AND personal identifiers, Freshpaint removes the identifiers that HIPAA considers as personally identifiable information and assigns a new identifier that can never reveal the identity of the individual. 

Now Freshpaint can send anonymous user actions to Google Analytics without the identifiers. This is how you use Google Analytics in a HIPAA compliant way.

Allowlists Reduce Your Security Footprint

Allowlists are safer because the default is nothing is happening–no data is being sent to destinations. Allowlists aren’t just on the integration level, they are on the event, user, and group level. By reducing the overall flow of PHI across your tech stack you are dramatically reducing your security footprint.

Free Ebook: How to Respond to HHS Guidelines

Enter your email to download the free ebook👇

A BAA that's not BS


Since Freshpaint signs a BAA all visitor and user behavioral data can be collected from your website and stored safely using Freshpaint instead of Google’s and Facebook's tracking technologies.

In order to ensure a safe connection between tools like Google Analytics, Google Ads, and Facebook - Freshpaint loads all the data server side.

To eliminate human error and ensure that PHI is never shared with non-compliant tools- especially things like appointment date, IP address, and zip code that live in the metadata - the default setting is that Freshpaint doesn’t share any data.

A HIPAA Compliant Customer Data Stack Doesn't Have To Be Hard

HIPAA compliance is hard. Freshpaint makes it easier by allowing us to decide where we want to send PHI. But the magic is for destinations where we don’t want to send PHI we can can still track user behavior without revealing who that user is.

Scotty Abramson
Director of Growth, Two Chairs

Get More Out Of Your Customer Data With Less Coding

Use Freshpaint's Customer Data Platform to get customer behavior insights faster, so you can make data-driven product decisions and power better customer experiences.

get a demo
© 2023 Perfalytics, Inc.