Text Decoration text decoration

We Make Google Analytics HIPAA Compliant

Don't stop using Google Analytics to build audiences, track behaviors, and measure results – make it HIPAA compliant by complying with the HHS ruling and get a fresh start with GA.

Text Decoration text decoration
Text Decoration text decoration
Google Anal y ti c s Y our W ebsite B A P e r i m e t e r Health Conditions Health Conditions Secured   Data      IP Address    Geo Location
Text Decoration text decoration
Google Analytics for Healthcare

Safeguard ePHI without sacrificing marketing power.

Leverage the power of Google Analytics to build audiences, track behaviors, and measure results.

Secure Your Environment

Get a secure Google Analytics environment that keeps PHI within your control – and away from non-compliant third-parties

Block Sensitive PHI

De-Identify sensitive PHI with a private key before it hits Google Analytics' servers, allowing you to utilize the power of Google Analytics without identifying patients

Built on Salesforce Data Cloud

Unify patient data, take action in real-time, and leverage the power of Google Analytics in a secure environment.

Text Decoration text decoration
Text Decoration text decoration
Featured Resource

Navigating the Waters of HIPAA Compliance in Digital Marketing

This on-demand webinar helps you unlock the full potential of your healthcare marketing efforts while protecting patient privacy.

Watch Now →
Person thinking about HIPAA Compliant Google Analytics
Text Decoration text decoration
HHS Compliant

HHS recommends Customer Data Platforms for OCR Compliance

We check all the boxes of the latest OCR bulletin.

Signed BAAPenrod signs a BAA with you
De-Identified DataPenrod de-identifies sensitive PHI from your website visitors
No PHI DisclosurePenrod only sends de-identified data to Google Analytics

Questions and Answers

Google Analytics is a web tracking tool used by millions of businesses to analyze website traffic. It provides in-depth insights about visitor behavior, demographics, and website performance.

Not out-of-the-box. According to Google themselves, "Customers who are subject to HIPAA must not use Google Analytics in any way that implicates Google’s access to, or collection of, PHI, and may only use Google Analytics on pages that are not HIPAA-covered."

Because without proper configuration, websites with a Google Analytics tag disclose PHI to Google. Something as simple as a page title that contains a health condition could be considered a violation of HIPAA because that data can be paired with a user identifier.

Yes, by filtering sensitive PHI from reaching Google's servers. This requires the configuration of a server side container and de-identification of potential PHI.

It depends on the complexity of your Google Analytics environment and the number of events you are tracking. However, compliance can be reached in as little as two weeks.

Featured Articles

Text Decoration text decoration
Text Decoration text decoration
Blog

What the AHA Lawsuit Means for Healthcare and Tracking Tech

 Read More →
Text Decoration text decoration
Text Decoration text decoration
Blog

Meta Ads and HIPAA Compliance

 Read More →
Text Decoration text decoration
Text Decoration text decoration
Blog

Google Ads and HIPAA Compliance

 Read More →
Text Decoration text decoration
Text Decoration text decoration
Blog

A Complete Guide to the OCR Ruling

 Read More →
Text Decoration text decoration
Text Decoration text decoration
Get a Free Action Plan

Ready to make Google Analytics HIPAA compliant?

Leverage the power of Google Analytics to build audiences, track behaviors, and measure results.

In this meeting, you'll:

  • Get an OCR + HIPAA analysis of your current website
  • Get a Free HIPAA Compliance Action Plan
By submitting this form, you confirm that you have read and agree to the Penrod privacy policy.

Trusted by the the leaders in healthcare and life sciences.