Staying HIPAA-Compliant When Responding to Patient Reviews

Patient reviews matter because they help prospects determine whether a practice or healthcare clinician can provide them with the services they need. In fact, a 2020 survey showed 77% of people use online reviews as the first step in finding a new physician. However, reviews can be both good and bad. There’s no denying how overwhelming it can be when you notice a negative review here and there on your website and wonder what went wrong. 

Positive reviews are often easy to respond to, as a general “thank you” or “we are pleased to hear about your positive experience with our team” goes a long way. But how do you respond when negative reviews pop up? This is where it gets complicated, especially when you need to respect your patient’s privacy concerns and comply with the Health Insurance Portability and Accountability Act of 1996 (HIPAA).

Consequences of Non-HIPAA Compliant Responses

If you respond to a negative review, the most important thing to keep in mind is staying HIPAA-compliant so that you avoid a violation. Here are the four levels of HIPAA violations:

  • Tier 1: A fine ranging from $100 to $50,000 for a violation that the covered entity was unaware of and could not have realistically avoided.
  • Tier 2: A fine ranging from $1,000 to $50,000 for a violation that the covered entity should have been aware of but could not have avoided even with a reasonable amount of care.
  • Tier 3: A fine ranging from $10,000 to $50,000 for a violation suffered as a direct result of “willful neglect” of HIPAA Rules, in cases where an attempt has been made to correct the violation.
  • Tier 4: A minimum fine of $50,000 for a violation of HIPAA Rules constituting willful neglect, where no attempt has been made to correct the violation.

Reasons to Respond to Negative Patient Reviews

While these massive fines may make you reconsider even answering negative patient reviews, it is important to understand the benefits of reacting and responding to negative reviews for your medical practice. 

Gain Insight

Responding to a negative review will allow your practice to gain insight from the interaction. Maybe you thought your patient had a great experience, but little did you know they were upset the wait time was longer than expected, and they failed to mention it to you in person.

In this case, they take their complaint and put it online, so others are aware of your wait times. Not only will this negative review help you fix the root cause of the problem that other patients may be experiencing, but you can even take the conversation offline to learn more about what went wrong and how you can fix it.

Build a Relationship

Often, negative patient reviews are ignored to avoid non-HIPAA compliant responses. However, responding to negative reviews gives you the opportunity to build a relationship with the patient and further support them. Get their email so you can keep the communication going and check in on them every now and then to make sure their experience with your practice is going well. This could possibly lead to a great relationship with the patient and encourage them to share their positive experience with others. 

Staying HIPAA-Compliant When Responding to Patient Reviews

The penalties for non-HIPAA-compliant responses will not only hurt your healthcare practice financially but can also damage your reputation. Here are a few ways to respond effectively to patient reviews while staying HIPAA-compliant:

Plan your response

Before you start responding to a negative review because you are eager to resolve the problem, you need to plan your response ahead of time and with thoughtful consideration. Instead of being defensive or trying to justify your side, recognize the patient’s concerns and address them politely. 

Provide a general response

You can avoid HIPAA fines by replying with a general response, such as “We appreciate you taking the time to provide us with this information. We strive to improve our patient experience and will look into this.” Make sure you avoid adding any information about the patient and their visit. 

Protect patient confidentiality

When responding to a patient review, you can’t give a detailed response online without breaking HIPAA rules. Instead, you can post a generic reply, such as thanking the reviewer for their feedback and asking them to contact the office offline to address specific concerns. You will want to leave your practice’s number or email address in the response so the conversation can continue offline.

Negative patient reviews will happen, but what matters most is how you handle them. The best thing your practice can do is respond to those negative reviews in a HIPAA-compliant way and use them to better your practice and those you serve.

To learn more about what we offer, please visit our website. Interested in hiring a professional marketing team to help grow your practice? Contact the healthcare marketing experts at LEVO Health today by calling 855-234-0232 or visiting our contact page online.


About LEVO Health Staff

LEVO Health explores the latest business trends through the lens of patients, practice managers, physicians, and sales and marketing professionals.

Copyright © 2023 LEVO Healthcare Consulting, LLC