Last year around this time we presented on data privacy trends, regulations, and predictions for 2020. Some of those predictions didn’t materialize for various reasons; COVID-19 included. State and federal legislators had a lot on their plates, so less urgent policies were put on hold.
However, we did see a trickle-down effect from California’s proactive stance on data privacy. An increasing number of organizations—including those in healthcare—are stepping up to meet consumers’ data privacy demands. These companies are not waiting for legislative action. Rather, they’ve anticipated the inevitable and understand the benefits of establishing trust with their target audiences.
Our recent webinar, “Data Privacy 2021: The Journey Continues,” reflected this growing trend in data privacy legislation. Here are some key highlights of the presentation, which focused on state- and federal-level legislation, how data privacy impacts healthcare marketers, and what to expect in the coming months.
California Continues to Lead—Who Will Follow?
With the passing of the California Consumer Privacy Act (CCPA) in 2018, the state took an aggressive step forward. Last November, an additional data privacy law was passed in California: the California Privacy Rights Act (CPRA). This new law builds upon CCPA and strengthens core components of its predecessor.
CCPA has a very broad definition of “personal information,” which includes things like olfactory and thermal data. CPRA introduces a new category of “sensitive personal information” that differentiates between core data like social security number and postal address, from more obscure data. The new law also affords individuals the right to correct their information—something CCPA surprisingly did not allow.
This gives the laws more power.
Perhaps most influential is that CPRA establishes a separate government agency dedicated to data privacy, as opposed to rolling it under a broader agency like consumer affairs. This gives the laws more power, and the new agency can make regulations without going through the legislature. This approach will serve as a guidepost for other states and even the federal government.
While multiple states, along with federal legislators, are talking about, and debating, privacy regulation, little was actually realized in 2020. Again, legislatures in general were slow last year. The good news is, they’re having those discussions now and even getting new proposals to committee. Currently, three states (New York, Minnesota, Washington) have active bills pending vote by their state legislature.
Healthcare Industry Impact
One interesting trend we’ve seen among healthcare companies (pharma, publishers, hospitals) is a deeper understanding of why data privacy is important to consumers. These organizations are increasingly interested in knowing what they need to do to comply with certain standards—even if they’re presently not beholden to lawful consequences. Many even feel very strongly about doing better than what the law requires.
At minimum, the healthcare clients we work with routinely follow these key best practices:
- Thoroughly vet data. Where was it sourced? Has it been audited by a third party? Did HCPs themselves opt in? Ask for proof, because some data vendors are willing to blur lines.
- Expect to receive physician-level data. Many larger data providers entering programmatic have been more B2C focused and aren’t accustomed to requests for target-level data. As an advertiser, you have every right to ask for it.
- Be wary of vendors that mix multiple data sets. Each contributing vendor may have different consent management frameworks or collect data in inconsistent ways.
- Know that what you invest is what you’ll get back. Using low-cost data that is inappropriately sourced or not opted-in will only lead to poor program performance (and in the case of CCPA/CPRA, potential lawsuits).
Predictions for 2021
2020 was a year of disruption. On many levels, it laid the groundwork for progressive action in 2021. What’s especially compelling about the California laws is that they are citizen-driven; they were not initiated by lawmakers, but rather, brought to a vote via California’s ballot initiative system. Consumers, including healthcare professionals, have a heightened awareness of the issues enveloped by just the presence of data—and they’re pushing for reform.
In 2021, we expect a number of milestones:
- The behind-the-scenes work done at the federal level will continue, with at least one proposal moving to a vote.
- Healthcare organizations will continue to enhance their understanding of data and the standard of privacy to which they ultimately will be held.
- Look for more citizens and groups to bring substantial lawsuits against companies that are in violation of CCPA.
- Programmatic and social will become drivers for adopting and implementing identity data.
While the cost vs. quality conundrum will never be completely solved, more healthcare marketers are recognizing that high-quality, well-sourced data is a competitive advantage—and that the opposite can actually hurt their business. These marketers are increasingly prepared to stand up to their data vendors and say, “Sorry, that data simply doesn’t meet our standards of quality.”To get a full recount of the webinar’s discussion, access the replay HERE.