* The following transcript is computer generated and may contain errors.

Stewart Gandolf
So welcome, everyone. I'm Stewart Gandolf. I'm pleased to introduce you to our webinar today. This is a super timely topic. This webinar will be recorded. We will have opportunities for asking questions and so we'll leave time for that. So that's the most common question everybody has to. The recording will be available on our site and also on Fresh brings.

Stewart Gandolf
The topic we're talking about today is privacy. First, unlocking high performance, HIPA compliant marketing. And so this is a very timely topic. I will be. Want to switch to the next slide there. You're you're driving. I'm here with Ray Mino and I'm pleased to have gotten Ray in recent months. Our company is a I've been taking this issue very, very seriously.

Stewart Gandolf
So what I'd like to do is and again, for those of you just signing on, I'm speaking to you in New York from JFK Airport, getting ready to travel home after speaking. So if there's any noise, I apologize. Ray, can you switch to the next slide and I'll talk a little bit, our company and why we're here. And then I'll turn the ball over to you.

Stewart Gandolf
So we are Healthcare Success. I know that we've invited a lot of our followers and subscribers and clients long term people that know us pretty well. So we have a fair number of those people on the call. And this is, by the way, a very well attended webinar today. Even more than usual because it's so timely. We are a full service, truly integrated agency.

Stewart Gandolf
So all we do is health care. We do work with device and software, but most of our work is with health systems, hospitals, multi-location practices, addiction really in the provider kind of space. And so we what what makes us unique is that it's all health care, be that we are digital first. So we are absolutely even though we do branding and creative are absolutely digital.

Stewart Gandolf
Digital, digital and all about results. And so this topic that we're talking about today is near and dear to our heart, and it impacts every single client we speak with perspective clients as well. So when it comes to compliance and Ray is going to talk about this more, there's I just got back from a health care investment meeting right where they had a lot of attorneys out there talking about HIPA compliance.

Stewart Gandolf
And by the way, this topic did not come up at all because they were talking about the more traditional things that happen with civil compliance. So they were talking about record keeping and, you know, all the things that matter internally. But in the digital marketing side, there's a lot to be thinking about. So ADA is something we talk to our clients about for a while, making sure they have solutions to ADA compliance, which is not a half issue website Privacy policy.

Stewart Gandolf
You need that and we recommend the terms and conditions. These are sort of in addition to help with HIPA. That's a pretty broad scope. And again, we're not going to cover everything today. But, you know, obviously you need to have a notice of privacy practices on your site. You need Vas with the appropriate vendors where we're talking to our clients now, making sure we're updating forms and recording and protocols, scheduling to make sure that, you know, and this is a moving target.

Stewart Gandolf
What was okay yesterday is no longer okay. And we're really proactive on this, right? We feel like it's the right thing to do. But we also, as we'll talk about it a little bit, want to avoid headaches or nightmares about necessary. But the primary focus today is going to be about a new HIPA guidance recently issued about digital tracking technologies.

Stewart Gandolf
And so our firm has invested tens of thousands of dollars talking to our attorneys and also probably the equal amounts or more of our employer time looking at what are the options, what kinds of things can you do. And there are other options. But with Freshpaint we're so impressed with for Ani, just what we're recommending to most of our clients and as we developed a relationship with Freshpaint, we thought that doing a joint webinar would be a really good idea.

Stewart Gandolf
And so today it's not going to be a big sales pitch, but Raj is going to be walking you through. You know, what the landscape looks like, how we got here, where we're likely to go, and then the Freshpaint solution, what that's involved with. And for those of you that are interested afterwards, you know, either existing clients of ours or prospective clients that want to talk about fresh made our service or whatever, we'll solve for that today.

Stewart Gandolf
But I think you're going to find today a very, very useful webinar. So I cover that. Right, right. Anything I missed?

Ray Mina
Yeah, I you nailed you nailed all the, all the touchpoints. Yeah. I think you and I, when we when we connected after I see what what we talked about was the thing that I've been really encouraged to see how we're going to get into this history in a minute of like how, how, where did this start and how did we get here?

Ray Mina
The thing that I've been encouraged to see and I promise to make this this webinar a lot about like how to move forward is that in the beginning everybody was just talking about what is the guidance like, what is going on? And that shift has started to happen where now people are having conversations about what do we what do we actually do about it, how do we actually move forward and continue to do our jobs and continue to reach consumers?

Ray Mina
So they're going to we're going to do our best job to make sure we keep it focus on instead of creating fear for everybody, like what is actually the path forward, How can we have privacy and high performance marketing? Because that's that's ultimately the new world that we live in. I do think it's worth because there is still some confusion on like, why should I care?

Ray Mina
Why should this be something that we do anything about? And I've heard I've heard that there's a mixture of people who are already ahead of this. They've already implemented solutions and have figured out how to navigate this. And then there are people who are still not doing anything about it. I think it's worth talking about. Like this has actually been going on for a while.

Ray Mina
It started back in 2022. A journalist at the markup basically did a teardown piece on 100 hospital websites and they outed 30 hospitals for sharing AI with media. And right after that, that literally caused a cascade of class action lawsuits that no regulators had stepped in. This was just lawyers finding former patients are suing, media suing some major hospital systems.

Ray Mina
And it reached such a boiling point. I think that that HHS and OCR felt the need because I know that a lot of people are frustrated with OCR about this guidance, but their their big initiative is to make sure that health care systems don't get sued. And so I think they felt the need to actually offer some guidance around web tracking technologies because when HIPA was created in 1996, like Google Analytics Tracking and Meta pixel were not even a thing to consider.

Ray Mina
And so they felt the need to create an update to make sure we're considering some of these things that are hanging on the website. And that happened in December of last year that created a massive shift because before that of course, everybody was thinking about privacy in a post off world, but nobody in traditional health care was thinking about things as it relates to anonymous visitor on your website and that that's essentially what the guidance did.

Ray Mina
That's the shift that it made in mindset. And then right after that you started to see the FTC getting involved with consumer privacy and health care. FTC is not HHS is not about HIPA, it's about consumer privacy and a whole bunch of other regulations. But they issued fines pretty quickly against several health care organizations, some of which were not even covered by HIPA.

Ray Mina
So Guitar X got fined by FTC, where we're not covered by HIPA but still were penalized. And actually the biggest impact, they're some of these organizations in the settlement with the FTC, they're banned from using these platforms. They cannot do advertising on Facebook or Google ads going forward. So for a company like Betterhelp, that's probably a bigger hit than any kind of punitive fine is not being able to use these tools going forward.

Ray Mina
Right after that, the FTC went to Congress, asked for additional funding to take on more complex privacy cases and health care, specifically. And then in July 2023, after the HRA petitioned and said, hey, we think that you've overstepped and this guidance is out of line, the response they got to that letter was a joint letter from FTC and HHS issuing a joint privacy warning to over 130 hospitals and health care systems.

Ray Mina
So if folks were waiting for HHS and FTC to back down off the guidance, that July letter basically said at all that they were going to like, protect consumer privacy. And the you know, the leaders in some of these organizations have said on multiple occasions before Congress that they're going to do everything in their power to protect privacy amongst consumers and especially in health care.

Ray Mina
So a lot of what we talk about is this concern over OCR. But I think what this presents to us is that this is about class action lawsuits. This is about FTC, consumer privacy, this is about HHS and a few people, a few thought leaders that at at HCC pointed out to me, this is about consumer trust. Like if you're a brand in health care, you know, having trust from your consumers is a lot more than any regulator or lawsuit.

Ray Mina
So this is a moment that has been going on for a while and there's a lot of reasons now to pay attention to privacy and health care.

Stewart Gandolf
Yeah, I'd like to actually back up on that, too. Some of the things that are really important to keep in mind as that number one, as I mentioned, you know, we were initially thinking company of the idea that it's a separate entities which at least takes away some of the clients we work with right. But then you got the FTC involved.

Stewart Gandolf
So cash based businesses, which have nothing to do with HIPA, are problematic and the other part of this is that, you know, our company fortunately we've never had any issues with any of our clients. And the idea the specter of, you know, from our standpoint, we're just conservative, we'd much rather do, number one, the right thing from a defensive measure to, you know, who needs the headache of it, whether it's frivolous or not, a class action lawsuit.

Stewart Gandolf
Right. Or, you know, issues that happen. So this is a super important topic for many different angles. So I'm excited for us to take anything further.

Ray Mina
Yeah, I think I think the next place to go is just kind of a clarification because we hear this a lot too. There's a lot of confusion and there's a lot of different interpretation of what exactly. Okay. OCR said about about HIP as it related to web trackers. And I hear a lot about it's not really clear or this one piece of data is going to is going to trip us up.

Ray Mina
There's been some very clear guidance, if you read if you read the language and think of it like a recipe, like a formula. So you need to have multiple pieces before you would be concerned with the help of violation. So let let's talk about a Web tracker that's hanging on your website. It it by default is going to capture several pieces of data.

Ray Mina
It's going to capture identifiers like device ID, IP address. If their form fails, it could capture information that's in the form that could be identifiable like email, all these things that HIPA calls personal identifiers. What's important about them is that they can be reversed to identify the user. So it's Ray, it's Stewart, it's it's Sally. But the guidance didn't say the identifier by itself is the problem.

Ray Mina
That's just the PII part. They they're concerned about protected health information and protected health information in the guidance is the identifier plus some specific health information about that visitor. So let's say if a visitor goes to a page about pregnancy services or does it find a doctor, look up for orthopedic surgeon or schedules an appointment and fills out a form there that suddenly becomes health information, that's something specific about their journey through your health care organization.

Ray Mina
When you combine that with the personal identifier. Now you have protected health information, however, and we're going to we're going to talk a little bit about this today. There are going to be a bunch of tools in your organization that it's going to be okay and you can make okay to share protected health information with just as a signal to what some of those things are, like a CRM tool or an engagement tool to personalize communication with your visitors and patients.

Ray Mina
That could be okay if you take the right steps. And one of those steps that most people know about is getting a business associate agreement, a BIA signed by that vendor. It's just legal framework to make it okay for you to share PII. And OCR is very specific that that is a possibility. Where you run into problem is when you have when you have these two pieces and you share it downstream with a tool, Google Analytics, Google ads that doesn't sign a VA, that is suddenly the HIPA violation that OCR has pointed out is is their biggest concern.

Ray Mina
So if you're a marketer on this call and you're having conversations with legal and compliance here and there's the raising, the fact that like an identifier by itself is high, that's something that you're going to have to like have a more thorough conversation about. It may require bringing in someone from the business side because if that's true, if that's your interpretation, you're kind of toast like every single tool that you install and hang a web tracker on your website.

Ray Mina
It needs some kind of IP address or some piece of information to make the Internet work. So this this is an important thing to fully understand because this will help you have that dialog and it will inform how do you actually move forward through it. Anything you want to chime in on there Now?

Stewart Gandolf
I think the one thing that's really important to recall that I should have said probably earlier is that the this is a complex field, right. And we're giving you some best practices business advice, but we're not attorneys like. And so you still need to work with your compliance team. Yeah. If you have a heck of a attorney. And this is why, by the way, when I'm saying this, I would work with somebody that's there, feel this happen.

Stewart Gandolf
It's hard enough because this is a subsection of hep. So you want to make sure they really understand this. And we have an attorney that we can refer people to if they're interested in. And there's actually a number of them out there that understand this issue. But it's important. What we're trying to do here is provide solutions that your counsel will get behind and say, this is okay, but it's end of the day.

Stewart Gandolf
You really need to get legal advice around these issues. So I think that's good to know.

Ray Mina
You nailed it like neither one of us are lawyers here. All we can do is share what the rest of the market is doing and how they're interpreting. But you need to have those conversations internally and you need to get to a place of, you know, synergy between the different stakeholders, your legal compliance team. Everyone needs to get on the same page on how to interpret this stuff so that you can find that pathway forward.

Ray Mina
But yeah, that's awesome that you have resources that you could point people to as well.

Stewart Gandolf
There is one thing relevant to as soon as this came down, I called one of the not our personal attorney, but one of the leading law firms out there for advice on this. And it was happening so fast. And he said, Well, I can't represent because I'm so busy. He's actually representing some of the health systems under attack.

Stewart Gandolf
Right. One of the big law, big health care law firm in Chicago that we speak out to put it that way. But anyway, his guidance was that he was surprised that the OCR came out with this guidance without getting any industry input. And then the big thing I think it may be getting lost here is that, you know, IP addresses were never contemplated to my knowledge previously.

Stewart Gandolf
That was something that was not and you could still argue that's not really PII. So that's these are this is an industry where you know what used to be okay a few, you know, a year ago is now suddenly not okay. And another thing that you'll be talking about, I'm sure, is the Facebook pixel. When this first started to come down was our focus.

Stewart Gandolf
But now even Google Analytics, which is the sort of epicenter of all digital marketing, is an issue now. And so that's why, again, these are just important points. So it's surprising how quickly the whole landscape changed. And it's not just us, it's not just our clients. It's like everything pretty much anybody has anything to do with health care.

Stewart Gandolf
Marketing is working now to figure out what's appropriate options are.

Ray Mina
That's right. Yeah, that's right. Well, let's get into you mentioned, you know meta and obviously that was the that was the markup piece back in June of 2022. But it has extended to other tools. You know, any any tool you can kind of think of it as the entire ad ecosystem, any tool that's basically requires a web tracker on your site to like see data to that tool to to create reports and Google Analytics or to, you know, optimize around conversions in some direct response advertising platform that Web trackers this, you know, client side literally loads onto your website when a visitor, you know, comes comes to your page or visits any of the pages

Ray Mina
on your site. And by default it's capturing it's designed to capture a lot of information that informed those downstream tools. And so that tracking technology is exactly what OCR called out. Now, I've read the OCR guidance probably 100 times, and what I found is really interesting is they never called out the actual tool. They never said like, you can't use Google Analytics, they never said you can't use even Facebook.

Ray Mina
They specifically called out in every sex and every sentence tracking technologies, the web tracking technologies. And so that's where we started to talk to our, you know, our customers and people in health care is how to how would you how would you deal with something like that? Like what would be what would be the path forward? And so when you then you have to look at the universe of like which tracking technologies are the ones that we're most concerned about.

Ray Mina
And really it's three right now. It's like three categories. The ad platforms that I mentioned, it's not just Google ads, it's Microsoft ads, Tick tock, Twitter. If anyone's still advertising on Twitter, that's gone a little bit sideways these days, Google Analytics or any other analytics platform where there's no buyer in place and then even video has started to come to the surface because if you host videos, if you upload them to something like YouTube, and if you've ever done that, you know that YouTube generates a transcript of that video.

Ray Mina
If that video contains health information, then Google has context about health. And then if you put an embedded player on your health care website, we met someone at HTC who has 1300 embedded videos to basically improve the experience of their visitors and patients. Every time someone plays a video from your website, their IP address is shared with YouTube and now you have the context of Chai without without a VA in place.

Ray Mina
So these are the tracking technologies that that people are starting to be concerned about. And I don't think that any of them anytime soon are going to sign Vas because the ad ecosystem is all about targeting. It's all about getting as much consumer information as possible to fuel these combined $250 billion a year advertising models. So they basically built some of the best advertising businesses in the history of the world, and it relies heavily on a lot of consumer data.

Ray Mina
So throttling that consumer data is something that they're not really interested in doing. I mentioned about the FTC, right? Like a lot of our conversation today is about HIPA and about HHS, but the FTC has basically come out and said that they are very interested in protecting consumer privacy. And they've signaled very strongly that in health care, our our founder and CEO actually met with the chair of the FTC in San Francisco a few weeks ago.

Ray Mina
And the topic was about privacy, not just in health care, but across multiple industries. And we got a strong signal that that health care is really a canary in the coal mine. It's not just a health care problem. You're seeing lawsuits with retail pharmacy chains. You're seeing the tax industry getting getting penalized by the FTC over sharing of sensitive information.

Ray Mina
So this consumer privacy thing is picking up steam. And it's actually one of the topics in Congress that has a bipartisan approach to it, both sides of the aisle, because American sentiment is concerned about privacy, especially with ad tech technologies. And so you're seeing more and more people supporting better privacy approach for for all consumers. So we'll see.

Ray Mina
We'll see where this goes outside of health care. So let's talk a little bit about like moving forward, like if this is the new paradigm for us, if consumer privacy is something that we have to be concerned of, you know, the approach of just remove all the trackers and stop using these platforms is probably like a near impossibility in a market that's, you know, driven by consumers like you're you're in health care.

Ray Mina
At the end of the day, you're marketing services to consumers. And it's a good thing like those services that you're marketing, consumers help people improve their quality of life, maybe even save lives. Like it's important for us to continue to do that and I think I think the thing that's really important to call out here is that, look, we're we're we're a software vendor.

Ray Mina
We make software to try to, like, help you mitigate this. But this this isn't a problem that's solved by one product, but this is a process problem. Like, you're going to need to take a new approach to doing marketing within health care that has a privacy first lens on it. And that's going to require a process. It's going to require collaboration, as Stewart said, with your legal compliance team and your business owners and maybe your I.T team, and then it's going to require like an ongoing approach to this.

Ray Mina
There's nothing where you're going to be able to do where you just set it, forget it and walk away. This is something you're going to want to like manage and, and you can and this is, this is kind of the framework that we're seeing a lot of organizations take. And it starts with getting a lay of the land, which Web trackers are even installed on your site today.

Ray Mina
Like if you don't know that right now, even if you decide to do nothing, that's a great starting point, because once you know what trackers are installed and where they're installed, you can just get a better understanding. Are these trackers sharing? Maybe. Maybe you don't have any trackers on pages that contain health information and maybe your legal and compliance team agrees with you that it's okay to do that, or maybe you do.

Ray Mina
And those tools, after doing a little bit of research, you either have a base already in place, a business associated agreement, or you can just get one or there's a different tool that you can switch to that can be HIPA compliant. So those are really the first three steps is just understanding where the trackers are installed, which ones are sharing, Why is it okay to share to those tools?

Ray Mina
And then once, once you get to and we're going to talk about this in a minute, most organizations get to a place where they ultimately have like two buckets of tools, some of the tools where they actually can make them happen compliant and need to, and some of them where they can't like ads and analytics and things like that.

Ray Mina
Then you're going to need what are you going to do about those tools? Like how are you going to govern the data to something like Facebook to make sure make sure that it never gets high because it can't? And then once you get to that clean slate, you know, if you're working with a great agency partner like Healthcare Success, they can work with you to stay on top of new Web trackers because maybe they're maybe they're the ones helping to manage your tech stock and do that together.

Ray Mina
But maybe there's other people in your organization that install a new track on your site. You're going to need to monitor that because you don't want to have any surprises. You don't want to spend all this time getting to a clean a clean slate, and then suddenly, unknowingly, someone has installed three new trackers that may be violating HIPA.

Ray Mina
So it's really about this audit all the way through to monitoring approach that goes beyond software. It's really about process and teammates that work together. But there's a part of this that, you know, we can help. And the first place you're going to get to that I mentioned is you're going to have you're going to end up with two sets of tools.

Ray Mina
You're going to have tools where you just cannot get it. Yeah. And you're going to have to manage the flow of that data. We're going to talk about how that would be possible a little bit today. But again, we've covered these tools. It's the ad platforms, analytics, video. You can't send them II. So you're going to need to make sure that you can feed the right data set to them, but not so much data that runs you afoul of the regulators.

Ray Mina
The other bucket of tools you're going to have are all these tools where you really need to get a B.A. or you can't get a B.A. We we have customers come to us that are using HubSpot. I don't mean to call out HubSpot, but this is one we hear a lot. HubSpot is a CRM. We use a CRM to do personalization.

Ray Mina
Like if you have a visitor that comes and becomes a patient, you're going to have information about who they are, their name, their email address. That's how you communicate. You're going to need an email address to send them a message or a phone number to send them a text. And if you're any good at marketing, you're going to want to segment those visitors and patients into where they're at in their journey.

Ray Mina
Like if their journey is a follow up appointment or if their journey is like a nine month pregnancy period where you're going to send them reminders about their baby's health and the mother's health, you're going to need to know that that health context. So that's high. And so there's no way for you to use a tool like HubSpot, which by the way, won't sign a it.

Ray Mina
There's no way for you to is a tool like HubSpot without a B.A. So if you're on HubSpot today, there's no software out there that's going to make HubSpot happy compliant. You're going to have to switch or you're going to have to get a visa put in place. Other tools like that, or data warehouses where you want those to be the source of truth that may contain a very rich data set.

Ray Mina
And then tools like session replay tools where you have visitor information and a bunch of contacts, there are tools. There's just no way around it. You're going to have to get a B.A. and that's the first part of the journey. Now, when it comes to the tools where you need to control the flow of data to the ad ecosystem, this is what that starts to look like.

Ray Mina
So visitors come to your website, or if you if you have a product or some kind of app experience and they visit your site, you need some way to safely collect that data. The Web trackers that are powered by some of these tools are not going to be safe according to the guidance. So you're going to need somewhere that is being supported that will actually, you know, collect that data.

Ray Mina
And then again, this is where you have the branching of the tools. You can send all that data down to the tools where you have a B.A. like your your CRM, but then you're going to need this governance layer when it comes to the tools like the analytics and ad platforms. So this is a simplification here, but this is what that new ecosystem starts to look like.

Ray Mina
And in order to handle that, the governance part, in order to actually manage the flow of the data, you're going to need some kind of solution, whether it's custom built in-house by by an engineering team, or if you don't have an engineering team like a lot of health care marketers, you're going to need a health care privacy platform.

Ray Mina
You're going to need something that can actually help you set this up yourself and help you manage it along with support from your legal and compliance team on an ongoing basis. And so the first thing that this starts with is you're going to need to remove these native trackers. So if you've got them at a pixel, if you've got Google Analytics, if you've got Google ads tracking on your website, though, the longer it's hanging out there, forget about that.

Ray Mina
You're violating the guidance. Like it or not, the longer that is hanging out there, the it's like a signpost. It's an invitation for lawyers and regulators to just dig a little bit deeper and see like what data are you sharing with those tools? And so Freshpaint as a platform, what we do is we replace all those native trackers with Freshpaint with one tracking snippet, and then we sign a bar with every single one of our customers.

Ray Mina
So that makes it okay for Freshpaint to collect back data. So New World is all those trackers are completely gone. If someone does a scan of your site, they will not see them at a pixel. They will not see Google Analytics tracker, they would just see Freshpaint. And if someone ask you questions, you would be able to show that you have a visa and it's okay for Freshpaint to collect that data.

Ray Mina
This is where it gets interesting because just because we can safely collect the data, as I mentioned, you're going to need some way to govern the flow of it so that high doesn't end in the downstream tool because that's really the problem. If we can collect all this safely, but all we can do is send it to Google Analytics.

Ray Mina
You're in the same boat and that's where we've learned working with health care customers. We were doing this way before June of 2022. We were working with health tech companies like Tok Dietary and Modern Health and two chairs, and we were helping build this product because they recognized some of these problems from their own teams internally. And what we learned was, okay, we've collected the data safely, but we need a way to make sure that doesn't accidentally ever get to a tool like Google Analytics.

Ray Mina
And so what we do is when you connect Freshpaint to an I'll use Google Analytics, but this applies to all these ad tools as well. When you connect Freshpaint to Google Analytics, we send no data. So the default state is no data is being shared. That's very different to the native web tracker that you may have installed today because the default state is they're going to send as much data as possible.

Ray Mina
So your starting point is we call it safe by default, because not just I know data is being shared to that tool, and then we give the marketing team a user interface that allows you to choose which data is safe to send to each tool. We're going to talk about the two use cases because they're slightly different. But the point is you basically have to opt in to say what data is safe.

Ray Mina
So if it's a tool like Google Analytics, of course you're going to need page visit information. Of course you're going to need conversion information. Of course you're going to need source information and time on page information, but you don't need to send any of that hip identifiers because Google Analytics doesn't need those to operate. So in our context, you would just never opt in to send an IP address.

Ray Mina
You would never opt in to send a device ID and therefore that data would never end up in a tool like Google Analytics and you would never be sharing it. And all of this is done without the need for engineers. So once Freshpaint is set up internally, this can all be controlled through a user interface without engineering, custom building things or setting up, you know, custom settings or filtering out data for you.

Ray Mina
So I think it's worth to conceptualize this to make it really crystal clear is just to talk about the two major use cases. So analytics and the ad ecosystem are our major use cases for every single, you know, health care organization we've talked to. So I mentioned on the Google Analytics side, you know, Google Analytics is going to receive a lot of health information about visitors to your site.

Ray Mina
All those page URLs, the button text, the conversion information, all this stuff is is context about their visit. And you should assume at some point along the way it's going to be health information. And that means you can never, ever, ever share a HIPA identifier with Google Analytics. That's how you that's how you remove the possibility of sharing AI.

Ray Mina
The good news is and you know, if you're a marketer like me and you've been using Google Analytics for a decade, you know, when you go to your reports and dashboard, you don't see anything about me as a visitor. You don't know it's rare, you don't know that it's steward. You just see that five people visited the pregnancy services page and two converted.

Ray Mina
But it's it's anonymous. Looking to you. The issue is that Google actually knows and Google has predictive analytics in their platform that they call out that that relies on identifiable information to utilize. So you know that Google is capturing identifiable information that they're able to leverage inside of their server farms. They're just not displaying it to you in Google Analytics.

Ray Mina
So the implementation here is we just never send any of the hip identifiers to Google Analytics and therefore we're never sharing. Pichai This does create one problem, and that problem is Google Analytics. Like, I don't care about Google Analytics as a session based tool. I want to see the entire visitor journey, right? Because as a consumer, I may make multiple visits to your health care brand's website before I schedule an appointment.

Ray Mina
And you want to see that track. You want to see how I experience you, want to see how you can replicate that success. And in order to do that, usually Google Analytics relies on something like a device ID to stitch together those sessions. And so because we can no longer share the device idea, the IP address, Freshpaint out of the box replaces it with an anonymous ID.

Ray Mina
The anonymous ID allows Google Analytics to recognize that it's the same visitor across all the sessions, but they can never reverse to understand who the visitor was, so they cannot personally identify that it was Ray or Stewart. This is how we solve for making sure that we can make this a journey tool, a visitor journey tool without ever sharing any identifiers with Google Analytics.

Ray Mina
This all happens out of the box when you connect to Google Analytics and Freshpaint. We just do all this for you so that there's no need to build some kind of like custom scheme to this off. Now the other use case is ad platforms. And a lot of people, you know, one of the problems that you have when you start to remove some of the tracking technology is you just lose the ability to report off as conversions.

Ray Mina
I would argue that that is probably the the least of your problems when it comes to modern day ad platforms in that when you remove the data, if you're running any kind of conversion optimized bidding strategies where you're letting the platform basically do the bidding to maximize scheduled appointments or new members, you've completely cut off that data loop that facilitates that.

Ray Mina
What I mean by that is the way, you know, if you're like, man, you started in the manual bidding days where you like bid cost per click, those days are long gone. Google ads, Facebook ads, they all work in a way that if you feed conversion data to their platforms in the background, they can automatically target from their huge data trove of consumers, they can automatically target to try to serve you more people that were likely to convert and the way that works is you just feed, say, Facebook, say 50 to 100 initial scheduled appointment conversions and Facebook builds a match list and an audience behind the scenes.

Ray Mina
It just happens automatically. And the goal is to send you more scheduled appointments at a certain KPI. Maybe there's a cost per lead that you're trying to anchor on. There's a whole, whole bunch of ways in that platform that Facebook and Google ads can facilitate that. If you cut off, if you cut off the data feedback loop, impossible.

Ray Mina
You can't you can't do this without data. But the problem is like the megapixel and Google ads tracking. It's sending too much information. It's sending AI. And that's exactly what the regulators are telling you not to do. So the good news is that Facebook and Google and all these direct response ad platforms, they actually don't need that much data to make that feedback loop work.

Ray Mina
We've tested this with a whole bunch of our customers and there there are two required points. You obviously need to tell the app platform that a conversion happened. Like if your goal is scheduled appointment, don't share that it was scheduled appointment because that could be health information, just share a generic lead event. So a lead or call it some random name that is not identifiable.

Ray Mina
And then they do need to know the ad click ID. So the ad click ID originates in Facebook or Google ads when someone clicks on the ad and it does contain attribution information about which ad was clicked or which campaign. But it does contain some identifiers that can let Facebook or Google know who that actual person was that converted with those two data points.

Ray Mina
There's no health information there. So remember, our formula is identifier. There's definitely an identifier here and health information. There's no health information because we're not sending any page visit information. We're not sending any context about that journey through your website. And these two data points are enough to allow those ad platforms to automate your bidding in the background to serve you better conversions.

Ray Mina
Now, if you add more identifiers, never health information metrics can get better and can be even more effective. But that's a conversation you'll have to have with your legal and compliance team to see what they're comfortable. So analytics is you can never share identifiers, ad platforms, you can never share any health information or health context about about that visit.

Ray Mina
So I'll stop there. That was basically a walk through of like, how did we get here and what's the path forward? And I want to make sure we save some time to go over questions and answer questions that that folks have. Before I do that, though, I want to offer, because this is very nuanced and there's a lot of like detailed questions that people often have.

Ray Mina
I wanted to launch a poll to put the offer out there that if you did want to reach out to follow up with with either Healthcare Success or Freshpaint or both, you know, feel free to do that. And someone from our team can help can follow up with you to answer questions specifically. So we just launched that poll.

Ray Mina
Feel free to reach out to connect to us right now. I'll stop sharing, Stewart. And I think I think we have a couple questions have come in already. So yeah, let me so the first question that we had is we don't have any tracking tools in place since the new guidelines have been. So this is someone who's basically received the guidance and has removed all the tracking technologies from their website and they're asking what if we just keep running Facebook and Google ads without that data feedback loop?

Ray Mina
And I talked a little bit about this at the end, but I wanted to see if you're an you're an expert in marketing. You have a team of of 50 people who do this all the time. What what's your thought there? Like if someone wanted to spend a bunch of money with you but didn't want to track any kind of conversions or things like that, how what would your recommendation be?

Stewart Gandolf
So I'm a metaphor guy, as you probably already remember, captaining somebody blindfolded, shooting a machine gun, just kind of it, whatever. And that's really the problem, is that you can do it. And we do have some clients that have just said we're just taking the pixel off. And so that is an option for Google Analytics and Facebook. Facebook was a little easier because we just did something different.

Stewart Gandolf
But the challenge is you can't judge your effectiveness of the marketing, number one. Number two, you can't optimize because as a reminder, if you're optimizing options, that's the magic of all this, is that when we're our team is working on whichever platform, we're always analyzing, analyzing, but optimizing with machine intelligence and with human intelligence to what's working right.

Stewart Gandolf
So if you're not tracking, you don't know what's converting. So if you're running at 10,000, a hundred thousand or whatever amount paid search campaigns, you don't know what's working, what's not. You're spending money. And that's why the analogy just shooting a gun up in the air came from because you really need to get that feedback. Otherwise you have no idea what you're hitting.

Stewart Gandolf
And so that's at the end of the day, what's so important and another thing that's an insight, then you're not just it's just like for clients that are doing very little marketing, it's not as big of an issue. It's like still you're driving and walking around blind in an ally, but if you're doing substantial marketing, you have your marketing won't be effective and it's just not sustainable that things don't work, right?

Stewart Gandolf
Yeah.

Ray Mina
So true. We have some firsthand data points here. Organizations who we've worked with who remove trackers and are running substantial ad campaigns without them. We've since restored some of this stuff. And look, this stuff is very black box inside of these ad platforms. So no one can predict what's going to happen case by case. But we've seen customer acquisition costs go up by 3 to 10 X.

Ray Mina
So like, I guess if you're.

Stewart Gandolf
Not surprising to me because. Exactly. Yeah, that's so not surprising And that's that's it makes it no longer profitable, right? So that's.

Ray Mina
Right. Yeah. Like three you attack attack increase of I know for myself at Freshpaint I'm not I'm not marketing to consumers but if my car went up by three X overnight I I'm done like I can't I can't continue to do marketing the way I do it today. It's not it's not sustainable. Someone did ask a question about with Freshpaint, and I didn't cover this today, but I didn't want to get too far in the weeds.

Ray Mina
I wanted to make it high level, but they ask about if Freshpaint could work with Google tag Manager. So again, this is one that you'll have to align with your legal and compliance team. But let me just share with you where a lot of folks are following right now the way that Google Tag manager works is that the Google tag manager sends the data wherever you point it to.

Ray Mina
So if you point the data to Google Analytics, you point the data to Facebook ads, that's where the data is going. It doesn't it doesn't by default send there's not like a backdoor to like Google server farms. And so we've been able to make Google tag manager and Freshpaint work together because we've created a migration tool that redirects those existing Google tags and points them to Freshpaint first.

Ray Mina
So they can't continue to point directly to those tools where you don't have a bag. They have to go to Freshpaint first. And if you remember that that way I explained it is then we run our governance layer and we make sure no pay goes down. The benefit here is and Dave on my team always says, we try to do the least amount of harm.

Ray Mina
By that we mean make it very easy for you to take your existing tech stack, make it, you know, HIPA compliant and privacy first, but keep operating the way that you do today. The advantage of just taking existing Google tag manager and redirecting your Freshpaint is that implementation can be like a week to a few weeks. You don't have to go and build a whole new event structure.

Ray Mina
You don't have to like rip and replace all these tools. If you if your team decides that they do not want to use Google Tag manager, then Freshpaint does have its own event management system that we can basically set up in our platform and get you off of Google Tag manager. But we believe that Google Tag manager and many, many teams feel this way as well, that as long as you redirect those tags to Freshpaint first, that it's completely safe to continue to use this one.

Ray Mina
I definitely want you to I have my own feeling here, sir, but you've been in this business for a long time, so I want you to weigh in here, Everyone. Everyone has been following this. So, A.J., I think it was like 40,000 health care professionals. They sent a letter to OCR asking them to change the guidance. And I mentioned that the answer to that was a joint letter from HHS and FTC issuing an ultimatum to 130 hospital systems.

Ray Mina
I took that as we're not going to change the guidance. And then the HRA just recently, I think it was just two weeks ago, they're basically suing the government for overstepping with this guidance. And the question that came up is like, what's going to happen from that? How likely is that lawsuit going to impact these HIPA laws and this enforcement that we've talked about, Sara, what do you what do you think?

Ray Mina
Like, what's your feeling?

Stewart Gandolf
You know, it's funny that this topic actually came up. It's just that the head of marketing for a major health systems was talking about the you know, the when we didn't really talk much on this meeting about risk management. And so in other words that in this particular case, this health system was saying the head of marketing chief marketing officer couldn't get anybody in his system to pay attention to this.

Stewart Gandolf
So they said, well, we have risk all over the place. And this is like number seven out of ten. And so they were talking about this idea of the hospitals banding together and, you know, litigating against that. And I get it. And I think honestly, as much as I love you guys, that would be awesome if we were to make this all go away.

Stewart Gandolf
But I don't think it's going to happen anytime soon if it does. And so for me, you know, I mentioned at the beginning of this thing, I'm a conservative guy. Like I have enough problems in my life without worrying about frivolous lawsuits and things like OCR problems. And most of the clients we talk to are like stupid. We just sit around business.

Stewart Gandolf
That's why we hired you, right? You have the most sophisticated clients to work with. They're like, That's why we need help. We can't do this stuff. So to take this all on, because there are the tools I mentioned, we talked about 30 probably other tools or other options of ways of trying to solve this. And we landed on freshman just because we thought for most of our clients, almost all of them, it's just a more practical solution.

Stewart Gandolf
And I look at this as an insurance policy because in my opinion it's a good ask. Or I was like, Well, this get resolved or not, I don't think I'll ever go back to where it was. That seems highly unlikely. And whatever it is, if it doesn't pretty much kind of take time. And so I look at this as an insurance policy, honestly and like, you know, we have a lot of things we have to spend money on that I don't like to spend money on.

Stewart Gandolf
Right? So it's like but that's just the reality. It's like this wasn't contemplated. So I totally get to frustration from, you know, the hospitals and the practices and the telehealth companies and all the various people we work with. I was like, Oh my gosh, just one more expense. But the flip side of the downside, this is worse. So yeah, we'll see how it plays out.

Stewart Gandolf
I do not have a crystal ball as much as I study this stuff, but I'm looking at it as, okay, well what I'm going to do for the next 12 months. Yeah, I do. I want to, you know, risk go, you know, in a metaphorical way, run naked or do I want to be protected? Right, Right. That's kind of my up to the point.

Stewart Gandolf
I'm curious what you think, right?

Ray Mina
Yeah, I think the like you I don't you know, I'm not a lobbyist. I'm not you know, I'm not a lawyer, so I don't I can't predict. But one is there are there's a lot of precedent here where organizations like this is part of how things work, like an organization like the HRA will sue, to try to, like, change something very normal pattern those things and you can Google search a bunch of things.

Ray Mina
They sued you know, sue the government over this isn't 12 months. These are like three plus years of court battles for sure, especially around something that the know FTC and HHS have already said that it's going to they're going to dig their heels in about. So this is years worth of litigation. And so that's the first question is like, do you do you want to run with trackers on your website for the next three years and roll the dice?

Ray Mina
Or do you want to remove this stuff for the next three years and see, you know, KPI the deteriorate? The other part that kind of the the part that bugged me a little bit was that in the HHS lawsuit, they were very specific about saying that health care cannot continue like it's a burden on health care to not be allowed to use these trackers.

Ray Mina
And I think it's a little that's a little bit of a one sided argument because we already know where consumer sentiment lies as it relates to ad tech, like HHS essentially defending ad tech, which most consumers would not like want to hear. And health care professionals, I believe, like my perception of those brands are some of the most trusted brands in the world, Like I trust my health care provider, brands like UCSF are way more than I trust, like Apple or some other, you know, consumer brand.

Ray Mina
And so I feel like the right question to ask is how do we like, move forward? How do we actually, like, protect consumer privacy and have these outcomes from our business standpoint? And that to me, was completely missing from the lawsuit. And you've done the research. It's not just about Freshpaint. There are 30 ways that you could do both.

Ray Mina
There are a bunch of ways to solve this. So it's not like one of those scenarios that there's not a path forward. Right.

Stewart Gandolf
Well, I was just going back to that comment. There's lots of ways of doing it. It's just a question of what's practical. And the other part of this is the terms. Again, I'm not as close to the lawsuits as you are because I guess that's your business focus. But we each definitely study this a lot, but it's like the question of whether it's an overreach of the government is a separate question.

Stewart Gandolf
But it will take forever to be resolved, in my opinion. The second thing is, you know, like forget a lot of people may feel like we're under the radar and we are again, I'm just conservative. I want to protect our clients. So clients at any level we want to over protect and, you know, keep out of the frame, you know, so that somebody may see that they feel like, well, I'm not that big of a fish.

Stewart Gandolf
But that's, you know, sometimes that's who the class action lawyers like or the government. And again, you have two different issues. It's not just the government and now different agencies of the government. Now you have class action lawsuits or just frivolous lawsuits on a one off basis, like we had a frivolous lawsuit against us over using QR codes, which is a frivolous lawsuit.

Stewart Gandolf
Attorney It's going to cost 100,000 to defend. And we did it a different way and resolved it. But like, that's just a nasty horrible thing. And frivolous lawsuits. I mean, I even if you would, it's still a distraction to your business. So that's so I just believe in trying to I look at it as an insurance policy. I really do.

Stewart Gandolf
It's like I may not like it, but I don't know. I just hate the flip of it. You know, It's like that. It is a risk mitigation question, like, well, how likely is it and how much could it be? I'm just a conservative guy. I have bigger problems to worry about in my life than the unnecessary, unnecessary, stupid risk.

Ray Mina
Yeah, I think we have time for a couple more questions. 11i wanted this was actually a good question because I want to I want to like point to potential future here, which is, you know, are we losing Like we'll be losing any information, like if we're using something like Freshpaint to collect the data and then and then govern, it would it be losing or gaining information?

Ray Mina
And what what we see is that because Freshpaint will sign a buyer, we can collect the entire first party data set like what's happening on your website, What are visitors doing? So in that context, you won't be losing anything. And then when you have downstream tools where you also have a VA, like a data warehouse that you want to do, like very detailed analysis or a critical where you want to do very personalized and segmented journeys, it will facilitate that.

Ray Mina
What we've started to see, which we didn't expect, everyone agreed before this guidance that you would never put like analytics tracking in a post off world like no one was doing that. And a lot of these platforms have moved towards like really great post authorization experiences, but they're flying blind. Like if you're a hospital that delivers babies, where does the real conversion happen?

Ray Mina
Does it does it happen like when the person like becomes a patient or does it happen when they deliver the baby? And some organizations are interested in like measuring that. You can't do that with Google Analytics. You've never been able to do that. But because Freshpaint replaces all those noncompliant trackers with one that's powered by BSA, we can actually start to help organizations get a better view and get more precise measurements over what calc really looks like or what KPIs really look like.

Ray Mina
So we're actually seeing cases where people are starting to see gains that moving beyond just this acute privacy problem. They're actually starting to get the tooling in place that they haven't had before. That helps them, you know, power, better experiences and improve lifetime value. And obviously the holy grail of part of health care marketing is improving margins because it's notoriously low, low margin industry.

Ray Mina
So we're haven't haven't seen loss. We've seen actually people like find a better way. There's also something that people this this one is a is a little bit complex, which is if you think about like the content that you create, like when and specifically for advertising or engagement, like there's a question of how personalized can this content become versus like keeping it generic and brand oriented.

Ray Mina
I think in platforms where you have a business associate agreement. So if this is like an engagement question and you a via and I don't see anything wrong with personalizing that data because you wouldn't be violating HIPA in that context. I think where it gets really tricky is, is in scenarios like retargeting, because if you think about the way retargeting works, retargeting requires you to send ad platforms and audience.

Ray Mina
So like maybe maybe people who visited a pregnancy services page you want retarget them to like, you know, provide additional support and information so you know, you know where that audience came from. Even if you share that audience with ad platforms in a way, and you can Freshpaint can facilitate this and some of some of these platforms, you can send that audience to the platform in a way that doesn't reveal anything about the health context.

Ray Mina
Like they don't know what pages they visited, they don't know anything about their journey. The next part you have to think about is if you then serve an ad that is about pregnancy services or it's very specific to where they're at in their health journey. Because you introduce the audience to the ad platform, you may be introducing the element of AI.

Ray Mina
So in that context, you know, and again, this is a conversation to have with legal and compliance, to talk through how this works. But you may be better from a marketing standpoint of using more brand driven content versus like treatment or condition specific content to to keep yourself safe. But I that's how I would think about it is like, where are you introducing health information and the audience?

Ray Mina
Are you doing both or are you just introducing like an audience without health information that that's where that's where you have to like start to like have these more detailed conversations? We've seen organizations feel very good about direct response advertising, where the ad platform is building the audience where you haven't supplied it at all. I'm running more detail creative, but when it comes to retargeting, we've seen a lot of sensitivity of what type of creative you are allowed to use because you're the one sharing the audience.

Ray Mina
And even if you don't tell it that it came from a pregnancy services page, when in the ad itself tell Facebook that everybody in this audience may be interested in pregnancy services. So that's something to think about. It gets a little bit complex and definitely requires that conversation with your legal team. Stewart I know we're almost up against time and all these kind of folks that have joined probably have a lot more to do today.

Ray Mina
What what, what recommendation would you make? Like how should they follow up with Healthcare Success? If people want to learn more about how you can help?

Stewart Gandolf
I noticed also there's still ongoing questions more than we have time to chat here. So I would suggest for those of you that are kind of in this process, like for our clients that are watching, this is something that is serious. We're taking steps, but I'm sure that tons of due diligence prior today. So whether we've talked to you about this yet or the process of rolling this out through all of our clients, it's that's serious.

Stewart Gandolf
I don't think it's like it shouldn't be panic, but it's something I would say start taking action on it. That's the first step is the first step, right? The first step of a thousand mile journey is the hardest. So on on these kinds of issues. And this is, by the way, as I mentioned, the very opening. This is just one of the issues we're working with through the digital track.

Stewart Gandolf
And there's other things that are sort of related or in that ilk. So we're working through our clients like every client has different issues. So in your case, this is this example just is applicable and we think through about like what to do. I would suggest, you know, take advantage of, you know, we're happy to meet with you.

Stewart Gandolf
Freshpainters as well, reach out to us and, you know, we can explore this a little further as we cannot answer every possible question in this forum. We're happy to follow up, and I think your team can send some questions back to some of the people who weren't able to get to have a chat today. But I really think it just shows how to respond to that.

Stewart Gandolf
I'm getting serious talking now. That's great. That's a first. I don't have that before. I saw a little scary thing going, but I would just say take the first step. It's a serious issue. It's important. It's it is what I think. The other thing is there is there are solutions, which is important, not just coming to you with a problem, but coming to us some solutions and ways of working through this.

Stewart Gandolf
But at the end of the day, it will require, you know, informed discussions with your team, your executive team, your legal team, and maybe your tech team to some degree to sort through this. But knowledge is power.

Ray Mina
So thanks for doing this together, Stewart. And for everyone who attended, I really appreciate you dedicating some time to learn more and looking forward to seeing you center everyone.

Stewart Gandolf
You care about.