" marketing Archives - LuxSci

Posts Tagged ‘marketing’

How to Achieve Better Open & Click Rates Without Compromising Data Security

Tuesday, January 19th, 2021

Want to improve your email open and click rates, but scared you might end up compromising data or personal information?  It’s a common fear, but in our world of constant cybersecurity incidents, it should probably get even more attention than it does.

If your organization falls under the HIPAA regulatory framework, you need to have an even greater level of concern about how information security can be compromised amid the constant push to leverage data for more effective marketing and engagement.

Better Open & Click Rates

While you may think that data security is at odds with the goal of boosting open and click rates, there are ways that you can find a suitable balance between the two.

Boosting Open & Click Rates

Almost every organization wants to ensure its long term success, and those in the health industry are not immune from this tendency. In today’s hyper-competitive marketplace, a large portion of this comes down to being able to stand out from the crowd, particularly through email marketing.

One of the most critical aims of email marketing is to achieve high open and click rates. Performing well in these metrics tends to bring in more business, which is an important part of keeping the lights on.

But how are high open and click rates achieved?

Under normal circumstances, it’s important for the subject lines and messages to be well-written, engaging, and targeting the right groups with the right propositions. The more relevant your subject line is to an individual, the more likely they are to open it. The more appealing or useful its contents, the more likely that the person will take your desired action.

So the burden of success tends to fall on the shoulders of your copywriters. They need to be able to get into the minds of their prospective recipients and create an appeal that matches the recipients’ needs and desires. This is fundamentally how high open and click rates are achieved.

But people are not monolithic, and a message that works for one will be a dismal failure on another. This brings us to segmenting email lists into groups with commonalities, and targeting them appropriately.

Targeting Customers to Boost Open & Click Rates – What About ePHI?

If you are in the health industry or process electronic protected health information (ePHI) on behalf of others, you have to be cautious about how you use your data to target those on your email list. This data may be incredibly helpful for targeting people with the appropriate messages, but it can very easily result in HIPAA violations.

Even something as simple as sending out a newsletter about anorexia to a group of anorexia patients could be considered ePHI, because the recipients’ emails, plus the information about their medical conditions, or the fact that they visited your facility, can tick both of the boxes that determine whether or not information counts as ePHI.

This makes it incredibly easy to end up on the wrong side of HIPAA by accident. Your organization may never intend to send emails that contain ePHI, but a staff member could send something seemingly benign, only for it to result in the serious ramifications of a HIPAA violation.

Because of the ease of making these mistakes and the significant consequences of doing so, it’s best for organizations to use a HIPAA-compliant email marketing service if there is even the slightest chance that ePHI could accidentally be sent in a message.

HIPAA-Compliant Email Marketing Services: High Open & Click Rates Without the Risk

While HIPAA-compliant service providers are critical for reducing your organization’s risks, there aren’t a whole lot of options. Quasi-HIPAA compliant providers may allow you to store ePHI in their databases, but their complicated configurations and incomplete security (i.e., they do not send encrypted emails)  could easily lead your organization to violate HIPAA regulations.

LuxSci’s Secure Marketing is one of the only services that allows you to send marketing messages that may contain ePHI, without facing major risks. The security mechanisms and HIPAA compliance built into the Secure Marketing service allow you to use your customer data without having to worry about falling foul of HIPAA.

This means that LuxSci’s service allows you to safely use your data to target recipients with relevant and effective messages. You can send a newsletter on anorexia to those that suffer from the disease, or a reminder to take a bowel cancer screening for those most susceptible.

Our Secure Marketing service helps you target groups with the information they really need, rather than just spamming your entire list with various information and hoping that some small portion of your audience finds it interesting.

Not only does this prevent people from unsubscribing because they are sick of receiving a bunch of irrelevant emails, but it also makes it much easier to achieve high open and click rates and positive, active engagement. This is because you can target smaller groups with messages that are specifically designed to appeal to them.

Secure Marketing can help you get past the poor ROI of mass emails, without having to worry about violating HIPAA. LuxSci’s Secure Marketing customers that follow best practices have been achieving open and click far above the normal expected rates in the industry, which are around 10-20% for opening and 1-2% for clicking.

With such dramatic differences, Secure Marketing can be the missing piece of the puzzle that helps your organization leverage its data without the usual risks. Contact our staff to find out how LuxSci’s Secure Marketing can help improve your business’ open and click rates.

Connect your Secure Forms to your Secure Marketing

Wednesday, November 11th, 2020

An extremely common and revenue-driving workflow, from a marketing and engagement perspective, is to have the contact information of the people who fill out your online forms automatically added to your marketing database. Such an integration saves time, by not requiring manual data entry steps, and speeds your marketing automation processes along.

Secure Form to Secure Email Marketing Integration

This automated connection is now available for your LuxSci Secure Forms; after a license upgrade, they can now be automatically integrated with your LuxSci Secure Marketing platform.  This integration enables new contacts to be automatically created in your Secure Marketing instance from selected Secure Form posts.  You can then leverage Secure Marketing to send automated drip campaigns to these contacts, send them group mailings, and more.

Read the rest of this post »

What is HIPAA-compliant Email Marketing?

Monday, January 13th, 2020

Why does your organization need HIPAA-compliant email marketing? It’s simple. Businesses in the healthcare field (and those that process their data) have many of the same needs as other companies. They need to be able to get their messages out, so that they can help more people and drum up more business.

Whether it’s HIPAA-compliant bulk email or emails that are specific to the individual, the messages need to be sent in a way that abides by the regulations, both to protect the privacy of patients, and to avoid legal penalties.


Email marketing

When Should You Send HIPAA-compliant Email Marketing?

HIPAA-compliant email marketing is critical whenever your organization could potentially be sending electronic protected health information (ePHI). This is information that is both individually identifiable and relates to someone’s healthcare.

Individually identifiable means information that can be connected with the person. This includes identifiers like their name, address, birth date, email address, social security number and much more. Not only does the definition of ePHI cover people’s past, present and future health condition, but it also includes treatment provisions and billing details.

While anonymous health details or individual identifiers sent by themselves are not covered by the law, when the two are brought together you need to be careful and abide by HIPAA regulations. You will need a HIPAA-compliant email marketing service whenever you send ePHI, and it’s best to err on the safe side even if you think an email may not contain ePHI.

A good example of a borderline case would be a newsletter sent around to all of a clinic’s cancer patients. While the email may contain helpful information, it could also end up breaching the patients’ privacy and HIPAA regulations.

HIPAA emailing

This is because the emails are sent to an address, which is a personal identifier. If the message was only sent out to cancer patients rather than to many different people, then the email could be considered ePHI, since being a recipient of the message would effectively declare that the recipient was a cancer patient.

While this may sound like a stretch, it’s also important to consider that normal email isn’t secure. If a politician or a CEO’s email was intercepted and this information released, it could cause damage to their careers and take some agency away from their lives.

This is just one example of why it’s crucial to err on the safe side and use HIPAA-compliant email marketing for any promotional materials whenever there is even the slightest possibility of sending ePHI.

On the other hand, if you have a HIPAA-compliant email marketing solution that allows for the sending of ePHI in email messages, then you can leverage ePHI to send much more effective messages.  You have a much larger return on your effort. 

HIPAA-compliant Bulk Email Solution

Finding an appropriate service for HIPAA-compliant bulk email marketing can be challenging. Most of the common vendors aren’t HIPAA compliant at all. Others claim compliance, but still require you to not send anything sensitive via email (because they do not actually secure the email messages).  Finding one that can suit your business needs and can also protect the actual email messages is difficult.

Thankfully, LuxSci’s High Volume Secure Email has been designed to cater to both needs. Security and compliance are considered at every step of the way, while still delivering a top-quality product that fits right into your organization’s workflows.

Phishing or for Real? Why Companies Need to Take a Closer Look at Their Email Marketing

Friday, April 7th, 2017


In July 2016, Hilton HHonors loyalty program members received an email asking them to log into their Hilton HHonors account to confirm their correct email address, mailing address, and other personal details.

The email set off alarm bells for a number of customers. One tweeted a screenshot of the email to the Hilton HHonors Twitter account, asking, “… is this legit? Looks very much like a phishing email…”Phishing

Hilton’s support team responded, “This is not an email from the HHonors team. Please do not share your account details.”

The only problem? It was a legitimate email from Hilton HHonors, but it so closely resembled a phishing email it fooled Hilton’s own IT team.

Hilton is not the only company to inadvertently send customer emails that are nearly indistinguishable from phishing emails. Many companies send emails asking their customers to log in to confirm account information or confirm payment details. Sometimes, cautious customers will reach out to the digital community for feedback on whether an email is real or fake.

These emails are a problem because not only do customers believe them to be phishing emails, but they normalize emails that ask for personal information—making people more vulnerable to real phishing scams in the future.

Marketers need to understand email marketing best practices to send secure customer messages that don’t endanger customer privacy and data. Here’s everything you need to know from a technical and content perspective to make sure your email isn’t mistaken for a phishing scam.

Read the rest of this post »

Is sharing my patient list with a marketing company OK under HIPAA?

Saturday, February 11th, 2017

We received this questions via Ask Erik from the head of a Dental Practice (who wished to remain anonymous):

“I want to create a Refer-a-Friend program, for a dental practice, that will be managed by a third party marketing agency.  The third party needs only my patient names and address to do an on-going e-mail campaign, no PHI will be given to the third party — just name and e-mail address.

Because I am ‘Marketing” to my own list, and I am NOT marketing any third party products, and I am not receiving any third party payment for anything:

* Am I in any HIPAA danger? (No PHI is ever exchanged, and I am NOT marketing anyone else’s product.)

* Because my PHI is de-identified from the associated names and e-mail addresses, is it OK for me to hand over my patient mail list to my marketing agency (being very careful of course to include NO PHI)?

* Does HIPAA specifically prevent me from marketing my own products to my patient list? I know that marketing other people’s products to my list will require prior consent. But, marketing my own Refer-a-Friend program… how is that a violation?

NOTE: PHI is defined as: “(A) is created or received by a health care provider, health plan, public health authority, employer, life insurer, school or university, or health care clearinghouse; and (B) relates to the past, present, or future physical or mental health or condition of any individual, the provision of health care to an individual, or the past, present, or future payment for the provision of health care to an individual.”

So, is a mail list of my patients’ names and e-mail addresses considered to be PHI (if it contains no associated PHI as defined above)? The definition above would say NO. The definition above states that it is ONLY the health information about a patient — NOT the patient’s name and e-mail addresses themselves.

Also, on the mail list for the Refer-a-Friend marketing program, there will be names other than patients, probably about 5% are not patients. Does this influence the phi/non-phi question?

This is a very important distinction. Having clarity on this question could free up a lot of us to proceed with e-mail marketing.

If a mailing list, for a dentist, that contains 95% patients and 5% non-patients, and NO health information (just names and addresses)… is it considered PHI?”

Read the rest of this post »