HIPAA Compliant Pinterest Ads with Salesforce Data Cloud

See how healthcare companies can use Salesforce Data Cloud to make Pinterest Ads HIPAA-compliant

Pinterest Ads aren't HIPAA-compliant out of the box.

With users connecting through inspiring content on a daily basis, Pinterest offers marketers a unique platform to share authentic stories. However, recent lawsuits in healthcare advertising have heightened concerns about HIPAA compliance – even when the marketing benefits are substantial.

Like Bing Ads, Google Ads, and other digital advertising platforms, Pinterest Ads can pose risks for healthcare organizations. The challenge arises from how the Pinterest Tag can pair user identifiers with protected health information (PHI).

The recent Health and Human Services ruling on tracking technologies gives healthcare advertisers two choices with distinct risks. They can either discontinue their Pinterest Ad campaigns, or potentially expose themselves to the threat of substantial lawsuits.

Challenge

Preventing the Pinterest Pixel from collecting and sending protected health information

Solution

Salesforce Data Cloud, a HIPAA-compliant customer data platform (CDP)

Results

HIPAA-compliant marketing on Pinterest Ads and safeguarded PHI

Solving the Use Case

To our knowledge, most social networks like Pinterest do not sign Business Associate Agreements (BAAs). Consequently, healthcare companies should avoid associating Protected Health Information (PHI) with Pinterest conversion events. It’s important to understand that PHI encompasses far more than many realize. It can include any element on a landing page that indicates a visitor’s intent to seek information or services related to a health condition.

That means PHI is more than what users submit on web forms; it's also included in page titles, web URLs, page content, and any visible data. Pinterest Ads enables visitor tracking through the "Pinterest Tag," a snippet of code that captures visitor behaviors on your website. The pixel gathers both user identifiers and content identifiers to help marketers monitor conversions on ad campaigns, products, and services.

The Pinterest Tag identifies users with the following data points:

    • fn
      User first name. Pinterest hashes this value.
    • ln
      User last name. Pinterest hashes this value.
    • em
      Represents the email address. Pinterest hashes this value.
    • ph
      Represents the phone number. Pinterest hashes this value.
    • db
      User date of birth. Pinterest hashes this value.
    • lead_type
      Categorizes the type of lead.
    • client_ip_address
      Represents the IP address.
    • hashed_maids
      User's Google Advertising ID (GAID) or Apple's Identifier for Advertisers (IDFA).
    • external_id
      Unique identifier from the advertiser.

The Pinterest Tag identifies the content that drives conversions using the following parameters:

    • search_string
      The user's search term.
    • loc
      URL of the landing page.
    • ref
      Referring website.

Each Pinterest Tag parameter provides valuable insights into which pages drive conversions for specific advertisements, enabling precise performance tracking. Retaining Pinterest conversion data is essential for evaluating ad effectiveness. However, combining sensitive data with identifiable information can lead to potential HIPAA violations. To maintain HIPAA compliance while using Pinterest Ads, it is crucial to preserve conversion data while fully redacting any protected health information (PHI) from parameters such as loc, ref, and search_string.

[Diagram: HIPAA Compliant Pinterest Ads]

Covered entities need a secure intermediary to bridge the gap between themselves and non-compliant platforms like Pinterest Ads. Recent updates to the OCR Bulletin advise marketers to safeguard PHI within a customer data platform (CDP). Salesforce Data Cloud, a leading CDP, is equipped to enter into a Business Associate Agreement (BAA) with covered entities, providing them with the legal framework to manage healthcare data alongside user identifiers collected from tools like the Pinterest Tag.

The Platform

To ensure HIPAA compliance with Pinterest Ads, Penrod implements a secure server-side container for data processing, coupled with a Customer Data Platform (CDP) like Salesforce Data Cloud for compliant data storage.

    • The BAA-compliant CDP gathers sensitive data from web conversions.
    • The BAA-compliant secure server-side container redacts Protected Health Information (PHI) from page titles, content, user-provided data, and more, ensuring that sensitive data never reaches Pinterest Ads.

The resulting platform architecture for addressing the HIPAA-compliant Pinterest Ads use case looks like this:

[Diagram: HIPAA compliant Pinterest Ads with a Customer Data Platform]

This ensures that identifiers are never paired with PHI, enabling healthcare companies to launch successful marketing campaigns on Pinterest.
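
One way the redaction step in the server-side container could look, as an added example (not Penrod's, Salesforce's or Pinterest's code): an allowlist forwards the identifier parameters listed above, reduces loc and ref to scheme and host, and drops search_string and every other field. The conversion field names, the sample event and the choice to drop lead_type are assumptions.

```javascript
// Added example. fn..external_id, loc, ref and search_string are the parameter
// names from the page; all other names and values here are assumptions.
const IDENTIFIERS = ["fn", "ln", "em", "ph", "db", "client_ip_address",
                     "hashed_maids", "external_id"];
// Hypothetical conversion fields that carry no page content.
const CONVERSION_FIELDS = ["event_name", "event_time", "value", "currency"];

// Reduce a URL to scheme + host: path, query and fragment are where condition
// and service names appear. Unparseable or non-web values yield null.
function originOnly(raw) {
  try {
    const u = new URL(raw);
    return u.protocol === "https:" || u.protocol === "http:" ? u.origin + "/" : null;
  } catch {
    return null;
  }
}

// Allowlist-based: only known fields are forwarded, everything else is dropped.
function redactEvent(event) {
  const forward = {};
  const redacted = new Set(); // names of fields that were altered or dropped
  for (const key of [...CONVERSION_FIELDS, ...IDENTIFIERS]) {
    if (event[key] !== undefined) forward[key] = event[key];
  }
  for (const key of ["loc", "ref"]) {
    if (event[key] === undefined) continue;
    const safe = originOnly(event[key]);
    if (safe !== null) forward[key] = safe;
    if (safe !== event[key]) redacted.add(key);
  }
  // search_string, page titles, form fields and lead_type are never forwarded.
  for (const key of Object.keys(event)) {
    if (!Object.keys(forward).includes(key)) redacted.add(key);
  }
  return { forward, redacted: [...redacted].sort() };
}

// Constructed sample: a lead conversion on an oncology landing page.
const sampleEvent = {
  event_name: "lead", value: 0, currency: "USD",
  em: "constructed-sha256-of-email", external_id: "crm-0001",
  lead_type: "Oncology consult", page_title: "Chemotherapy options",
  search_string: "chemotherapy near me",
  loc: "https://clinic.example/services/oncology/consult?utm_term=chemo",
  ref: "https://search.example/?q=chemotherapy+near+me",
};
console.log(redactEvent(sampleEvent));
```

The `redacted` list gives the container an audit trail of which fields were altered or withheld for each event, without logging their values.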

Redacted PHI

Retained Conversion Data

Compliant Ads
