HIPAA Compliant Review Responses Writing Tips

June 5, 2023
3 min read

How to Respond to Patients Reviews and Remain HIPAA Compliant

When your practice starts using Zingit, you finally have an easy way to manage online reviews. So it is best to learn how to write HIPAA compliant review responses.

Our system alerts you of reviews left on the most popular sites (like Google and Facebook). When alerted to new reviews, you can respond faster, cultivate further reviews, and attract new patients to your practice.

Today, online reviews matter now more than ever. According to eTelling Group, 92% of users read online reviews before selecting a vendor.

92% of users read online reviews before becoming a customer.

Practices that use Zingit can encourage more happy patients to leave reviews and have an easier time tracking and responding to the reviews as they are published. We are sure you have had the consumer experience of reading positive and negative reviews when you are online.

Responses show that a business is engaged and cares about its customers. Thanking customers for positive reviews boosts the good vibes even further. Similarly, sending polite and genuine responses to negative reviews can help curb their impact.

However, as a healthcare professional, you've got to be extra mindful of how you address all patient reviews. Since online responses to reviews are public, responses must be completely HIPAA compliant.

Ultimately, you can be fined anywhere from $100 to $50,000 per violation for revealing private information in an online review response. Moreover, it's easier to do than you'd think.

Online review responses that break HIPAA rules can cost you between $100 and $50,000 per violation.

Interesting HIPAA Compliance Facts for Responses

  • Even if a reviewer acknowledges they are a patient, your response may not indicate the reviewer is a patient.
  • Even if a reviewer reveals private information about their health or visit, you are not allowed to talk about specific treatment or appointment information.

Does this mean you have to avoid responding altogether? Absolutely not!

Responding is a fantastic opportunity to show you are engaged and to further positive messaging about your practice—especially if the review was negative. Instead, you need to craft HIPAA-compliant responses that respect your patient's privacy.

So how do you write a response that respects the privacy of patient information and data while showcasing your attentiveness?

Tips for Writing HIPAA Compliant Online Reviews

1. Don't Say Names

This one may seem strange—especially when the patient's name is attached to the review. However, you need to avoid using names altogether. It's particularly vital in HIPAA compliance.

Don't write: "Thank you, Judy!"

Write: "We love to hear positive experiences!" or "We always appreciate feedback and look forward to continually improving."

2. Be General

Focus on using "for all patients" language instead of "you" language. Instead of addressing the reviewer directly, refocus the response onto your practice and policy.

Don't write: "We are glad you enjoyed your visit."

Write: "We strive to make visits enjoyable for all patients!"

3. Talk About Your Practice's Brand, Goals, or Policy

Responses are an excellent opportunity to further your brand messaging. So instead of directly addressing a complaint or compliment, you can talk about your goals regarding the patient's review.

Don't write: "We are sorry you had to wait."

Write: "We know our patient's time is valuable! Our goal is to see patients at the time of the appointment."

4. Stay Positive (Even After Bad Reviews)

Even if a review is negative, avoid getting defensive. Being defensive will likely violate HIPAA regulations. In your response, you're probably acknowledging specifics if you respond directly to what happened.

Furthermore, it is extremely damaging to your brand image. You don't want readers to see your office as combative, even if a patient's review is unfair or off-base.

In these rare cases, offer to have a conversation offline. At best, turn it into a chance to talk about the good things you work to do for patients.

Don't Write: "You were on your phone the whole time we gave you instructions."

Write: "Our goal is always to be extremely clear with our patients. That's why we offer detailed instructions, print take-home instructions, and even text them after appointments."

5. Extend the Conversation Offline

Sometimes, offering to continue the conversation offline is best because you cannot address a response directly.

This will have a double-whammy effect: it may help improve the relationship with a dissatisfied patient. Also, it shows anyone who reads the review that you care about having a personal connection with patients. If the review was negative, it shows you want to make it right.

Don't write: "We are sorry and want to fix this for you."

Write: "We'd love to talk about this further—contact our office manager at XXX-XXX-XXXX."

Remember, aside from providing excellent care, engaging with patients is the best way to encourage them to return to your practice! So be sure to track and respond to all reviews—positive and negative.

With a little forethought, it's easy to protect your patients' privacy and stay HIPAA compliant as you go.

Invest in Your Practice with Zingit

Tracking online reviews is just one small aspect of our growth software. Zingit is a robust tool that helps you attract new patients, reactivate inactive patients, and fully engage with existing patients, keeping them coming back for more.

Interested in learning more about rapidly growing your patient base? Schedule a demo today!

Online Reputation

Join our mailing list

Running a practice without Zingit is like leaving money on the table.