" email marketing Archives - LuxSci

Posts Tagged ‘email marketing’

Case Study: Securely Email Medical Laboratory Results to Patients

Tuesday, August 17th, 2021

Medical laboratories use LuxSci’s secure services to email lab test results to patients. Although medical laboratories are not always HIPAA Covered Entities themselves, they are Business Associates with hospitals and doctors who are required to abide by HIPAA. By the “transitive” nature of the HIPAA privacy laws, Business Associates must abide by HIPAA security and privacy standards, protect patient data, and ensure confidentiality.

email lab results

In order to send patients their results via email, these labs must use a HIPAA-compliant system that can send email to anyone with an email address. We work with labs to securely send Covid-19 test results, cancer screening results, and many other kinds of medical test results via email.

This post describes how one large medical lab uses LuxSci’s Secure High Volume Email sending service to safely deliver lab results to thousands of people every day.

Read the rest of this post »

5 Email Open Rate And Click Tracking Caveats That Every Marketer Should Know

Tuesday, August 10th, 2021

Understanding your email open rates is critical for the long-term success of your marketing strategy. If you aren’t monitoring key metrics, you won’t know if your campaigns are effective. Reviewing KPIs regularly helps you understand how to tweak your strategy to meet your business goals.

While you are likely already tracking key metrics, you may not know that there are some caveats to the accuracy of email open rates and click tracking data. Understanding these caveats will help you properly interpret your results.

email open rates

1. Email Software Configuration May Lower Email Open Rates

You have no control over the email software that your recipients use or how they set it up. Some users will have their email client configured so that it will block images or HTML in their email content.

Users do this for security reasons or because they don’t want to be tracked. Either way, it’s bad news for the accuracy of your email open rate figures and click tracking data. Under normal circumstances, this type of data is collected via a beacon that is embedded in every email you send out. These beacons are tiny images that recipients don’t notice. They work by triggering a request for the image data from a server, which results in the server obtaining data about the recipient.

If a recipient blocks images or HTML, these beacons won’t load. This means that the tracking data isn’t collected by the server. Marketers will not have any insight into their activity. Even if the recipient does read the message, it won’t be included in email open rate figures. This results in email open rates that may in reality be slightly higher than your data shows.

2. Automatic Opens May Affect Your Email Open Rate

Some email programs may automatically open messages without user intervention. This can result in false positives. As a result, a user may be counted as having opened your email, when in reality it was just their software. These false positives will affect the accuracy of your email open rate, suggesting that the individual opened the message when they actually didn’t.

These false positives can be caused by some email filtering services which pre-load images to scan them for security purposes. Gmail has also been known to automatically pre-load images, affecting the accuracy of your email open rate.

3. Spam Filters May Affect Your Email Open Rate & Click Tracking

Some recipients may use spam filters that are configured to click email links to verify whether an email is safe. While this is great for protecting the recipient, it does pose a problem for email marketers. These automatic clicks from the spam filters may artificially inflate your email open and click rates.

If you look through your metrics, you may be able to determine which are automatic clicks caused by spam filters. If you see that multiple links are clicked in rapid succession, it is a solid indicator that the filter is scanning the email, rather than the recipient clicking a link themselves.

4. Certain Recipient Software May Prevent Collection of Email Open Rates & Click Tracking

Email client providers may offer protective measures that stop beacons from being able to collect metrics for the sender. The most prominent offering to do so is Apple’s Mail app, which began providing Mail Privacy Protection as part of iOS 15. This gives users the option to protect their email activity and prevent marketers from knowing when they open an email. It also masks their IP address, which stops their IP from being linked to their other online activity.

While many users may like this privacy feature, it does cause problems for email marketers. If more users opt-in to these privacy features, marketers may have to rely on metrics other than open rates.

5. VPNs May Cause Location Data To Be Inaccurate

As Virtual Private Networks (VPNs) become more popular, the accuracy of your location data may be affected. This is because VPNs allow users to spoof their locations. The data may indicate that a user is in Texas, but in reality, he or she could be in Vietnam using a Texas-based VPN server.

You need to be aware of this limitation when planning your email marketing strategy, and allow for the fact that your location-based targeting may not be 100 percent accurate.

How Can You Obtain Useful Metrics While Remaining HIPAA-Compliant?

While the above caveats complicate email open rate accuracy and click tracking for all marketers, those in the health sector face an even more complicated challenge. They need to be able to obtain useful data without violating HIPAA regulations.

Thankfully, LuxSci’s Secure Marketing tool is designed specifically for email marketing in the health industry. It offers features that allow you to measure your email open rates and click tracking, all while helping your organization meet its HIPAA compliance needs. Talk to us today to find out how Secure Marketing can help solve your business challenges.

5 Questions to Find the Right HIPAA-Compliant Email Marketing Platform

Tuesday, June 15th, 2021

If you are subject to HIPAA regulations- think twice before sending off that marketing email blast to your customers. If your emails contain ePHI, stop and make sure you are using a HIPAA-compliant email marketing platform before sending.

Not all email marketing platforms were designed with HIPAA compliance in mind. In fact, it can be difficult to figure out which vendors will allow you to send HIPAA-compliant emails on their platforms. We created this list of five questions to help you screen potential vendors for compliance.

hipaa compliant email marketing

1.    Is your email marketing platform HIPAA-compliant and HITRUST certified?

It’s a simple question, but if the vendor does not mention anything about HIPAA or HITRUST certification on their website, it’s a good indicator that they are not secure enough to be compliant. As you probably know, HIPAA regulations can be onerous, and many companies do not have the time, expertise, or desire to update their technology. On the other hand, if they have taken the time and spent the money to invest in the serious security steps needed for HIPAA compliance, you should be able to find something about it in their marketing.

2.    Will the vendor sign a Business Associate Agreement?

If you are sharing ePHI with a vendor (including lists of patient names and email addresses), you must have a BAA in place that outlines their responsibilities to protect your ePHI. If a vendor will not sign a BAA with you, it is an obvious sign that you cannot use their platform for HIPAA-compliant email marketing.

However, even if a vendor will sign a BAA, it does not mean that you can use their platform and comply with HIPAA. Read the fine print! Some companies have very restrictive BAAs that severely limit the functionality of the platform and prevent you from sending emails. We call these vendors “quasi” compliant. The only comply with HIPAA, if you abide by strict rules that prevent you from actually using their solution.

For an example, take Constant Contact. They will sign a BAA. However, they explicit state in their BAA that you:

“Should not use our systems for transmitting highly sensitive PHI (for example: mental health, substance abuse, or HIV information). Our application was not built for electronic medical records (EMR). If you have such information to send, please do not use Constant Contact.”

Constant Contact does not encrypt outbound emails, making it a poor choice for a HIPAA-compliant email marketing vendor. Depending on your email use cases, you could be unable to send any emails on their platform. Even worse, if you mistakenly send emails that contain ePHI you will be held liable for violating HIPAA, not Constant Contact, because you violated the terms of the BAA.

3.    Does the email marketing platform protect data at rest and in transit?

Encryption is an addressable standard as part of the HIPAA Security Rule. Encryption is highly recommended to protect ePHI in all digital communications.  Many email marketing platforms have adopted encryption methods that are secure enough to protect ePHI while it remains in their systems. However, that’s not enough to comply with HIPAA. You should specifically ask about their ability to encrypt outbound emails. Data in transit is extremely vulnerable to malicious actors, and therefore you need to encryption to protect emails containing ePHI. If a vendor does not provide encryption for outbound marketing emails then you should not consider using them.

4.    How does the email marketing platform encrypt emails?

If a vendor says that they do encrypt outgoing messages, it’s important to consider these additional questions.

  • How are they encrypting those emails?
  • Do the encryption methods match your email use cases?

As a marketer, you want your emails to directly reach the recipient with as little friction as possible. If the recipient has to login to another platform to read the email, it’s unlikely to be read. A good HIPAA-compliant email marketing platform will use TLS encryption to send marketing messages directly to inboxes that support it. Emails sent with TLS encryption appear just like any other message directly in the recipient’s inbox.

However, there may be scenarios when you need to use more secure encryption methods. We recommend finding an email marketing vendor that is flexible and will let you select the right method of encryption for any type of message. For example, you may want to use a portal-based encryption method to send highly sensitive messages. Either way, make sure your vendor can support your needs with the right type of email encryption.

5.    Does the platform allow you to send ePHI in the body of your emails?

Finally, the most important question to ask is: can I include highly sensitive patient information in an email? If you cannot, you can’t use the full power of the email marketing platform to create targeted, personalized and relevant messages. At best, you can only send generic office newsletters. If you want to create the types of marketing emails that will drive ROI and improve patient engagement, utilize your patient data for personalization and segmentation.

HIPAA-Compliant Email Marketing Platforms

LuxSci’s Secure Marketing platform was built from the ground up with HIPAA compliance in mind. If you would like to learn more about how to create compliant email marketing campaigns utilizing ePHI, please let us know.

 

 

How to Use ePHI to Segment and Personalize Email Marketing Campaigns

Tuesday, June 1st, 2021

Segmentation and personalization are powerful marketing tactics that are widely used across all industries. It is well-documented that marketers who send emails that are segmented and personalized experience much higher open and click rates. However, when healthcare marketers want to use these tactics, they must be aware of HIPAA! Any message that contains ePHI must be protected. In the past, these regulations made it difficult to send bulk marketing messages beyond generic office newsletters. However, using ePHI to segment and personalize marketing campaigns is possible!

To leverage patient data and create highly engaging and effective email campaigns that do not compromise security, marketers must use a HIPAA-compliant email marketing solution. We will walk you through how to use ePHI to segment and personalize healthcare marketing emails and improve your patient engagement.

how to use ephi to segment and personalize emails

How to Use ePHI to Segment Email Lists

Every campaign starts with identifying the target audience. When you use segmentation, you simply break down your email list into smaller subsets based on shared characteristics. The benefit of segmenting a list based on shared data is that you can adjust your messaging to speak more directly to that group of customers. When you are using a HIPAA-compliant marketing solution, you can segment your list using any data that you have from your patients (make sure you obtain appropriate permissions and opt-ins first!), including ePHI.

Ways to Segment lists using ePHI

Some examples of ways you can break down your lists using ePHI include:

  • Demographic characteristics
    • Gender
    • Age
  • Geographic location
  • Primary care provider
  • Date of last visit
  • Reason for last visit
  • Sensitive medical information
    • Medical conditions
    • Treatment history

The possibilities are only limited by the data that you collect.

How to Use ePHI to Personalize Emails

Once you have identified who the email is going to, the next step for sending an engaging email is to personalize the content for that audience. Much like segmentation, the possibilities for personalizing emails are only limited by the data that you collect. Anything that you can do to make the email feel like it’s a 1:1 communication instead of a generic blast email will increase the likelihood that it will be opened and engaged with by your target.

How to Personalize Emails with ePHI

The most common way to personalize an email is by using the person’s name in the subject line or email greeting. However, personalization can go much deeper when you also segment the list with ePHI. When you narrow down your list, it is much easier to create campaigns that appeal to the audience with relevant content and targeted promotions. A good example would be offering free breast cancer screenings for women during October. Men would be unlikely to engage with that email, because the subject matter is not relevant to them. By sending the email to only women of a certain age bracket, you are likely to increase the response rate and not irritate others on your list by sending them unnecessary information.

Other ways you can personalize emails with ePHI include:

    • Using a unique “From” name (e.g. saying the email is from Dr. Jones, who is the patient’s PCP, instead using the name of the medical practice or billing department).
    • Providing program recommendations based on past behavior (recommending a support group for a specific condition).
    • Automating workflows based on behavior triggers (appointment reminders, pre- and post-op instructions, prescription refills, etc.).
    • Customizing the content based on data.

Segmentation and Personalization Example

Say we are auditing some patient data and realize that in our patient population, men at risk for diabetes are much less likely to schedule up a follow up appointment. As a result, this group is becoming much sicker than they otherwise would with early intervention. How can we reach this population? By using ePHI to segment and personalize an email campaign just for them.

First, we create a segment based on the pattern we observed: men who are over 40 with elevated A1C levels at their last test.

Then, the marketing team can create personalized content like blogs, white papers, or guides designed specifically to influence the segment’s behavior. One email in the campaign might look something like this:

“Dear [first name],

During your last visit on [last appointment date], your A1C levels were elevated, which indicates that you are at a higher risk of developing diabetes. Download our guide with nutritional advice and example meal plans designed to help control your blood sugar.”

Perhaps the nutritional guide mentioned in this email example has a call to action that invites readers to schedule a free consultation with a dietician to learn more about dietary changes they can make to prevent diabetes.

Likewise, by segmenting the audience, you can create personalized offers that are more likely to drive the behavior you want. In this example, maybe you offer discounted rounds of golf to anyone who joins a men’s diabetes support group.

Use Personalization Tags for Scalability

Best of all, with email marketing, you can create these emails at scale. You do not need to write individual emails to each of the patients that falls into this segment. You can use personalization tags to automatically pull in the information you have uploaded to the platform. As you see in the example above, where it says “[first name]” and “[last appointment date]” the platform will pull in the corresponding information tied to each unique email address, saving you time and improving your email performance. This is an advanced technique, but most email marketing platforms include this capability. Once again, make sure you are using a HIPAA-compliant platform before uploading any medical information.

Now you know how to use ePHI to Segment & Personalize emails- what’s next?

It’s important to find a vendor that will allow you to use these techniques without violating HIPAA. Many of the most common vendors like Constact Contact and Mailchimp are only quasi-compliant at best. Do your research, sign a BAA, and ask the right questions to ensure you can send ePHI in any email you send.

 

8 Factors That Influence IP Reputation and Email Deliverability

Tuesday, May 25th, 2021

Getting your email marketing messages into your recipient’s inboxes is key to a successful mailing campaign. This is “deliverability.” One of the central factors governing the deliverability of your messages is the reputation of the Internet Protocol (IP) Address of your sending email server — its “IP reputation.”

This article explains some of the most common factors that affect your server’s IP reputation and email deliverability. Having a good IP reputation will help ensure your marketing messages are reaching your recipients.

Before diving in, check to see if you are on any common blacklists using mx toolbox.

ip reputation and email deliverability

Read the rest of this post »

LUXSCI