Your guide to online patient review response
These days, most of us wouldn’t dream of visiting a restaurant or coffee shop without reading a reviews first. And, more and more choosing a healthcare provider is also predicated on online reviews! According to one survey completed by Reputation, over 72% of respondents said they read the reviews on a provider before deciding to visit, and 65% of those same respondents said it is very-to-moderately important that healthcare providers respond to reviews. So, it comes as no surprise that healthcare organizations are now also in the review business. However, one of the sticking points for review responses is how to respond in a way that doesn’t violate the strict rules of HIPAA. Most providers and healthcare organizations are hesitant to risk tens of thousands of dollars just to respond to reviews, no matter how important it may be. Luckily, there are a few tactics you can adopt to protect your organization and its providers from HIPAA-related problems while still responding to reviews to drive patient acquisition.
Take control of your online presence
First and foremost, make sure you own your organization’s profiles. Then, have your providers do the same. There are numerous platforms hosting reviews for both individual providers and organizations. However, Google and Yelp should be top of mind for your organization, along with Facebook if you’re letting people leave reviews there. If you haven’t done so already, make sure that someone in your organization has access to the profile, it has all the relevant information about your organization, and it’s been optimized for local SEO. Next, it’s important that you don’t remove negative reviews, as you want to build a sense of trust and authenticity with your audience and nothing says, “we paid for reviews,” like 1,000 five star reviews. A negative review deserves a public response to show that your organization takes these situations seriously and works to resolve them, rather than ignoring or protesting the review.
The 411 on responding to healthcare reviews
As with any component of your marketing strategy, responding to reviews takes process setup and a time investment from your team or a marketing partner. To make it easier, consider implementing the following high-level best practices:
- Create a system for responding – By creating a process and assigning responsible people, you can ensure that each review on the platforms you are monitoring gets a response. Additionally, this helps to ensure HIPAA-compliant responses as the people responding should receive training around the topic and response best practices. With a proper process, all relevant feedback can be elevated to the right channels to ensure it is addressed by the responsible parties.
- Always be courteous and open to feedback – Ideally your organization takes this approach to feedback in general, both from patients and employees. People make mistakes, doctors run behind, tests get lost, but the most important thing is for your organization to admit that mistakes happen and be open to feedback for improving. Put steps in place to assure patients that you’re working to make mistakes or issues do not happen twice due to negligence. As it relates to reviews, never accuse the reviewer of poor behavior or of telling untruths, basically, do not start an argument. It makes your organization look petty and unprofessional. Take the high road, express empathy, and tell them to get in touch directly so you can fix the situation.
- Be concise and avoid specifics – Especially in light of HIPAA regulations, it’s important to be concise and avoid any specifics when responding to reviews. Do not ever confirm or deny that a person is a patient, and do not address any aspects of their treatment. Being concise shows that you’re committed to responding but would like people to get in touch directly if there is a larger issue.
- Follow the site’s rules for responding – Most platforms will have guidelines that both the reviewer and the vendor must follow when leaving or responding to reviews. Make sure your team is trained in best practices and always follows the guidelines to prevent your profile from being removed or flagged as problematic.
How to create HIPAA-compliant online review responses
Working in the medical field means you are already very familiar with HIPAA, especially for its use in marketing materials. However, it might not be obvious how that applies to online reviews. Protected health information (PHI) is any information about a patient that can be used to identify them. For example, social security numbers, names, medical history, and more, are considered to be PHI indicators, and providers and organizations, under HIPAA, are prevented form sharing any of this information. Keep in mind: patients may share their own information in their reviews without problems! However, if a provider were to do the same or assume it is okay because the patient already shared protected information, they would face large fees and potential consequences from HIPAA. This is why it’s vital to follow the general guidelines above and the more specific HIPAA-compliant tips below.
- Do not confirm or deny the person was a patient – Part of protecting PHI means never confirming or denying if the reviewer was a patient. This can be especially troublesome if a non-patient leaves a negative review or someone confuses your clinic with another. In all situations, even positive ones, respond very generally to the review and speak to your organizations processes or commitment to customer service, not the specifics of the problem.
- Provide contact information for your clinic and take the conversation offline – Most negative reviews should have a response from the organization or provider suggesting the reviewer call the office so they can discuss further. Make it easy for patients to call or email your office, and make sure you respond! A disgruntled reviewer will only leave another angry review if you leave them hanging for days on end. Taking the conversation offline gives you both a chance to prepare and prevents you from accidentally sharing PHI.
- Always highlight your brand’s positive commitments to patient care, privacy, and providing exceptional experiences – When responding to reviews consider highlighting the values of your brand, and telling reviewers that you hear them loud and clear and aim to do better. This can also be a strategy to highlight some of the positive reviews left by satisfied patients. It’s alway good to reiterate your brand’s differentiators and it’s much easier to do when a reviewer has already mentioned one.
- If needed, respond with the reason why you aren’t addressing their concern directly – Some reviews may be very specific, and sometimes the best thing you can do is to tell the reviewer directly that privacy rules prevent you from discussing or talking about medical information in public forums. Ask them to call your office. Some people might not even be aware that a review response could lead to a HIPAA violation.
Examples of HIPAA-compliant responses
- Review: I would never recommend this office to anyone! I waited for over an hour to see the doctor and when I finally met with them they were rude and didn’t answer any of my questions. I left without more information and no plan for further care. I was also charged an obscene amount just to talk to the specialist! Unfortunately, I will not be returning.
HIPAA-compliant response: As an organization, we do our best to uphold the highest standards in care and attention for patients, but unexpected events can happen. Please call our office at (000) 000-0000 to speak with a member of our team. Privacy regulations prevent us from addressing any specific information on public forums. - Review: I never received my test results in my online patient portal and I don’t know who to contact to get them! This is very frustrating as I have a serious medical condition that needs treatment based on the lab results.
HIPAA-compliant response: We do our best to ensure timely results, and have put measures in place to ensure our technology systems are working appropriately. Please contact our administrative team at (Phone #) or send us an email at (email address). - Review: Can’t recommend this clinic highly enough! Dr. Dre was amazing and addressed all my skin concerns before giving me samples and scheduling a follow-up appointment right away. It’s great to find a doctor and clinic staff that I trust. Thanks again, and see you soon!
HIPAA-compliant response: Feedback is essential to our improvement as an organization, and for our providers. We strive to be the clinic the community calls for all their skincare needs. Thank you for your review!
Feel free to use any of the responses above to create templates for your team! If you have other questions, reach out to the MDG team. We specialize in healthcare marketing and would be delighted to help you achieve your goals.