HIPAA Compliant Google Ads with Salesforce Data Cloud

Solving the Use Case

When using Google Ads, healthcare companies can't pair PHI with conversion events because Google Ads won't sign a BAA. What constitutes PHI? Anything on a landing page that signals a visitor's intent to seek treatment for healthcare conditions. The possibilities are quite broad, ranging from colonoscopies to asking for more information about a medical device.

Keep in mind that it's not just about user input. PHI could be in the page title, the URL, the page content, or wherever else information is displayed.

Once a users clicks on an ad, Google Ads identifies them with the following data points:

• GLCID
  GLCID is the Google Click Identifier, a unique code containing letters and numbers. This is added to the destination URL when someone clicks a Google Ad and identifies the source campaign, tracks user activity, and stores other attributes of the click.
• WBRAID
  WBRAID is a URL parameter that measures conversions between apps and websites. This is particularly useful for traffic from iOS devices.
• GBRAID
  GBRAID is similar to WBRAID, except it handles conversions between apps and websites on devices running iOS 14.5 and later. It's a result of Apple's App Tracking Transparency Guidelines (ATT) that cracked down on user privacy.
• Session
  Session is a collection of the interactions a visitor has with a website over a defined period of time. This means that a session can include multiple events, transactions, impressions, or page views.

Each of these data points are important to identifying who converted on a specific ad. As a result, solving this use case – and making Google Ads HIPAA compliant – rests in our ability to retain this data while redacting PHI.

Here is a diagram of what we're trying to achieve:

In order to handle the data redaction, healthcare marketers need an intermediary between themselves and the non-compliant ad platform, in this case Google Ads. According to updates made to the OCR Bulletin, the HHS recommends marketers can safeguard PHI in a customer data platform (CDP). CDP providers like Salesforce Data Cloud will sign a BAA with regulated entities, meaning that they have legal authority to handle PHI when paired with user identifiers.

The Platform

To solve this use case, we configure a platform that contains a secure server side container, and a CDP like Salesforce Data Cloud.

• The BAA-protected CDP receives raw data from landing page conversion.
• The BAA-protected secure server side container hosted in Google Cloud platform contains redaction scripts to remove any PHI from page titles, page content, user provided data, and more.

The final platform topography for solving the HIPAA compliant Google Ads use case looks something like this:

The platform ensures that user identifiers during conversion events are never paired with PHI, allowing healthcare marketers to use Google Ads to create powerful marketing campaigns.