TP453: When State Laws Supersede HIPAA: Privacy and the Marketing Funnel
Description
For years, HIPAA has been the rulebook for healthcare privacy. But in 2025, the real drivers of risk (and opportunity) come from state laws, FTC enforcement, and lawsuits that extend well beyond traditional PHI. In this episode, Chris Boyer and Reed Smith explore:
Why state privacy laws are reshaping digital marketing more than HIPAA.
How the marketing funnel is being rewritten, with upper-funnel tactics carrying the highest risk.
Whether health systems should shift back to safer group-based targeting and focus more on owned channels.
How AI fits into this conversation — transformational for efficiency, but potentially dangerous in third-party advertising contexts.
Jeremy Mittler, CEO and Cofounder of Blueprint Audiences, unpacks how state laws are colliding with HIPAA, what enforcement trends are signaling to health systems, and why privacy must be built into every stage of the funnel.
Mentions from the Show:
IAPP US State Privacy Legislation Tracker
HHS OCR Bulletin: Use of Online Tracking Technologies by HIPAA-Covered Entities
IAPP: Key Trends in U.S. State Privacy Law Amendments (2025)
Court Vacates Portion of OCR Guidance Regarding Proscribed Combination
OCR Updates Guidance on Use of Online Tracking Technologies (Mar 2024)
Learn more about your ad choices. Visit megaphone.fm/adchoices
United States
