Healthcare Web Analytics in 2023: Get Your Data In Order

On December 1, 2022, the U.S. Department of Health and Human Services’ (HHS) Office of Civil Rights (OCR) issued a bulletin stating that the use of third-party cookies, pixels, and other tracking technology by healthcare companies may be violating the Health Insurance Portability and Accountability Act (HIPAA). This is in the wake of a year of unprecedented data breaches involving business associates, or third-party vendors, throughout the healthcare industry. 

Bar chart showing a steep increase in healthcare data breaches since 2016

2022 saw over 700 healthcare data breaches impacting more than 50 million individuals. And nearly a third of the ten most significant breaches were due to third-party tracking pixels from companies like Google and Meta (Facebook). While Google and Meta help companies understand their website and other owned properties’ usage, users of the platform have inadvertently also exposed data ranging from personally identifiable information such as Social Security numbers, driver’s license numbers, and financial account information to medical record numbers, insurance account numbers, and more.

Chart showing healthcare analytics data breaches by entity

Such breaches come with hefty financial penalties, including fines, settlements, and other repercussions for the entities involved. But a more significant impact is felt by the consumer whose data has been compromised, as stolen personal information can result in identity theft. And recovery from identity theft is often a long and burdensome process.  

Graph showing a steep increase in the number of individuals impacted by healthcare analytics breaches since 2016

Up until last December when HHS issued its bulletin, it had not provided formal guidelines regarding sensitive healthcare data and HIPAA relative to online tracking technologies. So what does this announcement mean and how can healthcare organizations stay HIPAA compliant?

What do the HHS changes mean for healthcare organizations?

A good starting point is an understanding of the technologies involved and the risks they pose. The HHS announcement specifically speaks to tracking technologies, often third-party, which are generally anonymized. Tracking cookies, specifically pixels, are tiny bits of embedded code used to track a site visitor’s online activity. The data collected from the pixels provides insights that allow the site owner to develop marketing strategies, such as on-site personalized experiences and off-site retargeting campaigns, specific to each site visitor’s behaviors and interactions.

The problem? Many healthcare organizations are using third-party pixels to gain a better understanding of how they can optimize the digital experiences within their public-facing websites and patient portals. And these pixels may be sharing protected health information (PHI) inadvertently with third parties. Most often, the concern lies with pixels on the patient portal, a secure website or application where patients can access and interact with their health data. But PHI can also be collected from the public website and mobile apps in the form of cookies, web beacons, fingerprinting scripts, and other scripts. 

So what constitutes PHI? 

Protected health information is any information related to an individual’s past, present, or future health, healthcare, or payment for healthcare. This includes, but is not limited to:

  • Medical records, be they physical, electronic, or spoken
  • Information pertaining to billing, insurance, or of any financial aspect of an individual’s health or healthcare
  • Demographic information
  • Mental health conditions
  • Tests and laboratory results 
  • All information related to an individual’s diagnosis, treatment, or prognosis
  • Anonymous session user ID

As of December 1, 2022, anonymous session user ID is considered PHI.

Anonymous user identification allows the website to anonymously identify unique site visitors without the user having to log in or consent to a tracking cookie. Anonymous sessions are captured and aggregated and can include data such as (but not limited to) the user’s IP address, geographic location, language, device, and mobile carrier, but is generally, as the name suggests, anonymous. However, HHS has deemed that these data points connect the individual to the entity and therefore can be related to the individual’s past, present, or future health, healthcare, or payment for healthcare.

The addition of anonymous session user ID considered as PHI now adds additional complexity to an already confusing data security landscape. Furthermore, in order to protect themselves and their patients, the onus is on healthcare providers to ensure they and their partners are not improperly using tracking technology on the healthcare provider’s digital properties, mobile apps, etc.

How can healthcare organizations keep web analytics HIPAA compliant?

As there is no easy website or mobile app consent solution, it is best to develop a compliant strategy that will protect both the healthcare organization and its consumers. Developing a compliant strategy requires engaging all departments (marketing, marketing analytics, legal, IT, etc.) and ensuring organizational alignment around it. This starts with examining your current analytics tech stack to determine if it meets both the organization’s needs and HHS requirements.

Is Google Analytics HIPAA compliant?

Over 28 million websites worldwide currently use Google Analytics, over four million of which are in the United States. Of all U.S. industries that use Google Analytics, hospital and healthcare companies are the third most prevalent. Google Analytics isn’t the only option for tracking website data, but it has the largest market share, and for good reason. It is robust and intuitive. But Google Analytics has also faced challenges, having been banned in a few European countries due to General Data Protection Regulations (GDPR) violations. Google did take steps toward addressing the European Union’s GDPR requirements with its recent release of GA4.

So, does Google Analytics meet the new requirements outlined in the HHS bulletin? The simple answer is no. In basic and 360 configurations, GA3 and GA4 no longer meet the HHS compliance requirements. This is primarily due to specific attributes of the data sets, specifically the session and user ID dimensions. 

As a result, healthcare companies are expediting their searches for alternative platforms that will provide organizations with the information they need to measure their digital customer experiences and — more importantly — store that data securely.

What are the best next steps toward achieving compliance?

The first step is to identify and outline requirements for a cohesive transition to a new, compliant platform. The most important of these requirements is a HIPAA-compliant analytics platform provider, one that will be covered under a Business Associates Agreement (BAA). The good news is there are a handful of platforms available that fit this important need. 

Additionally, all businesses are unique and have priorities that must be considered when planning a transition to a new analytics platform. Some examples of priorities might include ease of implementation, tag management capabilities, user limits, integrations with other Google products, and interface complexity, among other things. 

Once requirements have been prioritized across internal teams, analytics owners will be able to guide a best-fit decision.

Whether your organization has been using Universal Analytics for years or you have recently migrated to GA4, Tallwave can help you organize around your requirements, gain internal alignment, and provide expertise on next best options all the way through the implementation and reporting transition. Reach out when you’re ready to learn more.

Customer Engagement Highlights Strategy

Better Together: A Paid Media and CRO Marketing Love Story

Picture this, you’re executing a holistic paid media strategy, driving traffic to your website through a broad range of tactics like digital video, streaming audio, display, paid social, and paid search. Paid media is living the good life, racking up impressions, driving ad engagement, and generating some conversions along the way. But something is missing…

Conversion rate optimization (CRO) marketing, a strategic method of testing, iterating, and optimizing on-site functionality to improve the user experience and increase the rate of conversion (or high-value action), is sitting on the other side of town, pulling petals off a daisy, waiting to find a partner who can produce the quality traffic and insights it needs to really thrive. A partner to complete him…

Both paid media and CRO are integral parts of an efficient and effective marketing plan, but oftentimes are treated as independent tactics with little regard for one another. Much opportunity is missed by only running one of these programs or by running them in silos.

Integrate your paid media and CRO strategies and watch the sparks fly.

Two Lovable Leads: Paid Media & CRO

Our love story begins with two independent marketing tactics, paid media and CRO, living worlds apart (or perhaps just a siloed marketing team away), not realizing just how incomplete they are without one another. Existing as stand-alone tactics, paid media and CRO will generally (hopefully) produce positive results for their campaigns, but are limited in their respective abilities.

Most comprehensive marketing plans include paid media. It’s a great way to get in front of your target audience, build brand awareness, and drive traffic to your website. In fact, marketers typically spend up to 25% of their marketing budget on paid media.

That’s a huge investment!

But what happens when those prospective customers get to the website?

If they encounter a poor landing page experience, they may get lost trying to navigate through on-site information, they may abandon cart before finalizing a purchase, or — worse yet — they may just … bounce. A poor user experience on-site greatly reduces the chance for conversion, causing something of a leaky bucket situation, in which site visitors fall through before converting. And then all that time, money, and effort you spent trying to drive traffic to your site through paid media was… kind of a waste.

Since paid media success is often evaluated based on its ability to convert traffic, a poor landing page experience can be detrimental to a paid media campaign. To further amplify the pain felt here, paid media marketers often don’t have the ability to control the landing page experience, which can fuel frustration and drive misalignment between paid media tactics and performance. If only there were something that could help plug that leaky bucket….

Meanwhile, still hanging out on the other side of town, CRO is becoming a more popular tactic with marketers. More companies are investing in CRO strategy to identify and address weak areas on the website that may be impacting the user experience and actively working against the company’s goals. CRO allows marketers to systematically test various iterations of website functionality to determine which iterations are most impactful in weeding out points of friction and producing conversions (or any high-value action, like a lead form submission, an “add to cart,” a search query, etc.).

And CRO isn’t limited to just major points of conversion, like transactions and lead form submissions. It can also be applied to “micro-conversions,” or behaviors that sit just upstream of the point of conversion, such as product page views, in an effort to address the larger user journey.

But CRO only works if enough quality traffic is being driven to the website to run tests that yield statistically significant results.

The Meet Cute: Where Two Digital Marketing Strategies Come Together

So paid media and CRO might get along just fine on their own, but bring them together …

Fireworks bursting on a dark sky.


By running these two tactics in tandem, always-on paid media ensures enough traffic is flowing to the website for the CRO team to run impactful and efficient tests. In addition to traffic volume, a strong paid media plan will also help ensure that quality traffic is being driven to the site, which is crucial for producing meaningful CRO test results. The more qualified traffic coming to site, the quicker CRO tests can produce data-driven insights, the quicker actions can be taken to make UX improvements on-site, and the quicker you’ll see a lift in conversions.

Likewise, an active CRO strategy helps ensure that users who come to the website through paid media efforts can seamlessly work their way through the conversion path. An investment in CRO helps protect your paid media investment by keeping visitors on-site and increasing their likelihood of converting, which in turn boosts important KPIs like conversion rate and return on ad spend.

Building Butterflies: 1 + 1 = 3

But here’s where the real magic happens.

By running these two tactics as part of one integrated strategy, you now have a constant flow of data between the two. And data, as we all know, is king. Paid media insights can help the CRO team better understand who the target audience is. Knowing who is engaging with ads can help establish tests for how best to connect to those audiences on site. Learnings from CRO tests may impact paid media channels, placements, targeting, and creative recommendations. The constant flow of learnings between teams will increase the ability for both teams to identify tests, optimize features, and effectively connect with the target audience. And, perhaps most importantly, when CRO and paid media come together, they create a more seamless brand experience that is felt by the user.

Through an effective paid media and CRO relationship, messaging, creative design, and paid media placement will feel cohesive when a prospective customer clicks through an ad to the website, rather than feeling like two separate experiences.  Leveraging paid media and CRO together makes marketing plans more effective and marketing budgets more efficient.

No love story is complete without a montage!

The Lightbulb Moment: Recognizing the Need for a Paid Media & CRO Relationship

So how do you know when you might benefit from an integrated paid media and CRO strategy?

The following indicators suggest that your paid media traffic is being met with a poor user experience on-site and is in need of CRO:

  • Paid media traffic has a bounce rate over 80%
  • Paid media traffic is spending a lot of time on-site and/or visiting many pages on-site, but isn’t taking any high-value actions
  • Paid media users begin the conversion process (E.g., adding an item to cart), but ultimately do not convert (E.g., complete purchase)

The following indicators suggest that your CRO marketing program is in need of more qualified traffic via a new or improved paid media plan:

  • Not enough traffic to produce statistically significant test results in a reasonable amount of time
  • Poor quality of leads (suggesting that the wrong audience is engaging on-site)

Running paid media or CRO alone is beneficial for your marketing program. Running both paid media and CRO  is even better. Running paid media and CRO as part of an integrated, seamless strategy with data as a driving force… that’s a love story for the ages.

You Complete Me

Tallwave is ready to play matchmaker when it comes to marrying paid media and CRO marketing. We’ve helped many clients find success.

Interested to know how Tallwave can help you implement an impactful paid media and CRO strategy? Let’s talk!

Highlights Strategy

Uncover the Benefits of Featured Snippets in Your Web Strategy

Google’s organic search experience is designed to put users first. New search features and refined results connect users with what they need to make educated decisions about everything from what products to purchase to what site presents the most authoritative information needed to solve a problem. Google rolled out featured snippets to the search engine results pages (SERPs) in 2018 and has since transformed the way information is accessed and user questions are answered.

Even five years after launch, featured snippets and the strategy behind them come with many benefits. From increased click-through rates to enhanced user trust, winning a snippet puts you at a major advantage over competitors vying for the same keyword.

As of today, nearly 20% of all searches deliver results that include a featured snippet. This makes snippet strategy essential to organic search rankings, customer experience, and even conversion rates. Focusing on an organic web strategy and winning featured snippets is more important now than ever, as this can help combat the increasing costs and stagnating results many businesses are seeing with paid search placements.

What Are Featured Snippets?

Featured snippets are extended blocks of information intended to give users a quick answer to their questions or search queries. Users might see a list, chart, or fact at the top of the page that provides instant access to the information they seek. Paragraph snippets are the most common type of featured snippet, accounting for 82% of all snippets and providing rich information to answer search queries. 

You might consider featured snippet location on the SERP as “position 0,” the coveted spot between paid results and the rest of the organic results. This position is quite desirable—you can’t pay for this placement and landing here proves that Google has determined your content to be of exceptional value to the reader.

An image of a paragraph featured snippet.

Featured snippets can mean different things to users and to content marketers. 

To users, a featured snippet means their question is immediately answered and they can instantly access a web page with helpful content and authoritative information about their query.

To content marketers and SEO and UX/CX experts, featured snippets are SERP spotlights that give their quality content and web strategy an edge over the competition and should be an essential part of their digital marketing strategies.

Why Are Featured Snippets Important?

Featured snippets are more than just an important part of organic web strategy, they’re essential. There are at least four ways featured snippets can benefit your business:

  1. Increase Web Traffic and Improve CTR: Our numbers show that owning a featured snippet can increase CTR by more than 850%, driving even more traffic to your website and consumers into your sales funnel.
  2. Boost Brand Awareness: Landing at the top of the SERP with extra real estate increases visibility for your brand or business. It demands consumer attention.
  3. Grow Website Authority: Featured snippets are a serious factor in building domain and page authority as they lead to better and more qualified traffic to your website.
  4. Optimize Conversion Rates: Featured snippets can usher in users who are likely to become customers by answering their questions and providing need-to-know-now information.

Another unique benefit of including featured snippets in your web strategy is related to the increasing prevalence of voice search. Voice assistants and tools like Amazon’s Echo, Apple’s Siri, and Google Home are increasingly common in many homes and vehicles. According to December 2022 reports from Statista,  35% of all households in the United States own smart speakers. Voice search queries are among the most common way users interact with these devices. And in many cases, voice search devices answer questions by citing a featured snippet.

There’s still much more to the snippet equation and Tallwave’s proprietary research proves it. Let’s look at some of Tallwave’s unique specifics and statistics about the benefits of featured snippets for your business and web strategy.

How Tallwave Clients Win with Snippet Strategy

In-depth analysis and data-fueled strategy are essential parts of Tallwave’s approach.

We put that approach to work within the organic search strategy for a large regional healthcare client to help them win featured snippets, gaining prime visibility ahead of other organic search results and enhancing the authority of their brand. 

Here’s how we did it and what we learned along the way.

How Can Featured Snippets Drive Growth?

Tallwave wanted to better understand what kind of content Google found “snippet-worthy” and how to apply these features to drive growth. To do this, we looked for trends and commonalities among snippet-winning content to determine what Google evaluates as high-value and the impact snippets have on website engagement.

As such, Tallwave analyzed more than 1,000 featured snippets owned by a client’s (a major healthcare provider) website in 2022. Of these 1,000 featured snippets, 98% belonged to approximately 50 posts on the website’s blog.

Tallwave started by comparing the click-through rate (CTR) for keywords that owned featured snippets to all other ranking keywords on the site. When it comes to organic searches, CTR refers to the number of impressions seen in the SERPs divided by the number of users who clicked through to the site. 

For this client, the average click-through rate for a snippet-owning keyword in position one on the site was 25.9%. The average CTR across the entire website was 2.7%. Owning a featured snippet for a search term helped us boost the client’s site clicks by an impressive 859%. 

Not only does a high CTR drive traffic to the site, but Google has consistently hinted its algorithm considers CTR as a ranking factor.

An infographic shows the value of featured snippet

Snippets Have Serious Imapct on CTR

The kind of keyword that won a featured snippet was also an important consideration in Tallwave’s analysis. Out of the client’s 1,000 snippet-owning keywords, 91% represented searches with “informational” intent, implying the searcher was looking for information needed to solve a problem. Presenting the information the searcher needs when they need it establishes your business as an expert or solution, sending the searcher down the sales funnel toward converting. 

While a featured snippet for an informational term might not win an immediate conversion, it certainly adds to visibility and helps establish your website’s authority and business credibility. Data from HubSpot suggests it takes around eight touches to lead a customer toward conversion. A featured snippet with rich, relevant results that directly answer a consumer’s need is a high-value touchpoint and will likely help keep your brand top of mind when they are ready to take action.

What Factors Help Content Win Featured Snippets?

In addition to analyzing the CTR and type of keywords winning snippets, Tallwave also examined factors that make a blog post or web page “snippet-worthy” in Google’s eyes. This gives us unique, specific, and proprietary information that can be applied across clients to help create content that drives awareness and promotes high-value engagement.

Here are some of the key factors we’ve uncovered in working with our clients that you should consider in your organic search strategy:

  • Make Keywords Clear: Many blog posts with featured snippets include a primary keyword in the form of a question in the headers and body copy. 
  • Longtail Keywords Set Off Snippets: Longtail keywords are highly-specific search queries, often 3 to 5 words in length. These kinds of searches are more likely to trigger snippets for users seeking immediate answers.
  • Prudent Header Placement Wins: Strategically placing H2s and H3s within website content increases the likelihood of that page or post winning a snippet.
  • Outperform Competitors with Word Count: Blog posts and website pages with a competitive word count consistent with (or slightly higher than) the competition’s copy and with a specific number of words between headers (H2s, H3s) help content win snippets.
  • Latent Semantic Indexing (LSI) Works: Latent semantic indexing occurs when SERP results are populated based on similar and conceptual keywords. For example, a blog post about anxiety might include supporting related terms like “depression,” “mental health,” “phobias,” or “panic.” The use of these related keywords might also increase the likelihood of content owning a featured snippet.

Reap the Benefits of Snippet Strategy

The benefits of featured snippets abound. Winning featured snippets and “position 0” SERP placement directly translates into contextualized search visibility for your brand or business, increased and better-qualified website traffic, proven website authority, and, ultimately, more customer conversions.

Providing SEO solutions and website and content strategy is just part of how Tallwave wants to drive your success. As a leader in providing integrated marketing solutions and more to both established and up-and-coming brands, Tallwave is ready to deploy our customer-centric and cohesive approach in a way that is unique to your vision and creates exceptional experiences for consumers of all kinds. From customer journey mapping to paid media services to product design and beyond, we’re ready to talk about how we can help your business win.

Highlights Strategy

Prepare, Survive, Thrive: CX Strategies to Recession-Proof Your Business

But is This a True Recession?

That depends on your school of thought. Generally, a recession is a period of economic decline in which the gross domestic product (GDP) of a country falls for two consecutive quarters. However, there are many other factors to consider. Check out our white paper for more detailed information on recessions and recession-proofing strategies.


Though there is much academic debate around whether we’re technically in a recession or not, consumers are wary, and once again discretionary spending is trending down. As a general guideline, the National Bureau of Economic Research states that a recession lasts around 11 months on average, but the effects can be felt long after it has officially ended. So whether this economic downturn is a recession or a harbinger of one to come, savvy business leaders are positioning their companies to adapt so they can strategically navigate this challenging market.

Proven Recession Resilience Strategies

We’ve been here before. The recession brought on by the dot-com crash negatively affected a generation of investors, and though it was shorter-lived, it left a lasting impact. Most recently, the Great Recession of 2007-09. And though many businesses faced insurmountable challenges, others thrived. Here’s a look at some strategies leveraged by a few companies that came out stronger in the end.

Invest in Empathy

At the start of the Great Recession, Starbucks was struggling. The former king of coffee closed hundreds of stores, laid off thousands of employees, and was saddled with a pretentious image that alienated it in a time of financial insecurity. In 2008, under new (returning) CEO leadership, Starbucks immediately shifted focus to reignite the emotional attachment with its customers.

Starbucks developed a social program where customers could share ideas with each other and the company, giving input on products, services, in-store music and layout, and even corporate social responsibility. And Starbucks leadership listened—they implemented over 100 of their customer’s ideas! One of the first corporations to invest in a mobile app, Starbucks met its customers where they were, reigniting the brand by reestablishing trust, building a vibrant online community, and developing a devoted following.

Double Down on Brand

On the brink of disaster in 2008, Citigroup did an about-face, pivoting from a product-centered strategy to a client-first focus. Citigroup’s vision, mission, and strategic objectives became its driving force. It invested in understanding its individual customers, focusing on segments within each generation and catering to their diverse needs. Citigroup developed technology to measure customer feedback, allowing the bank to react and improve trust. It launched and maintained a social network presence that directly enhanced its brand image. The banking giant invested in its people, training and promoting top talent. Additionally, Citigroup segmented its products and services and operationalized a similar strategy for corporate, government, and business customers.

Since its near destruction in the Great Recession, Citigroup has focused on rebuilding its reputation and its been successful. The company continues to rank very highly in customer satisfaction, according to J.D. Power, American Customer Satisfaction Index, and their steadily improving Net Promoter Score.

Market Smarter

Facing many challenges leading up to the Great Recession, Netflix invested in research and development and strategic marketing to not only survive the recession but thrive in it. Netflix was going up against Blockbuster and Redbox in the physical DVD rental space and struggling to win market share. But when consumer spending sharply dropped, Netflix not only doubled down on its convenient mail-order model of movie rental but, having taken note of the role played by video game consoles and the all-new Smart TV, it pioneered an alternative method of media consumption: online streaming offered at a price lower than that of cable and satellite providers. Through strategic partnerships, Netflix targeted consumers with gaming platforms, streaming devices, and Smart TVs to promote a low-cost, no-late-fee, convenient, in-home entertainment option. Exactly what the budget-conscious consumer wanted.

Netflix has continued to be a leader in data- and customer-driven integrated marketing, creating a seamless, personalized experience for its users across all demographic groups. It continually optimizes the user experience based on user preferences to actively engage customers, not only enhancing their experience, but informing Netflix’s user data so it can continue to effectively personalize its customers’ experiences.

Increase Operational Efficiency

When economic crises hit, simply lowering headcount and reducing costs across your budget can help in the short term. But the most resilient and top-performing companies to emerge from the Great Recession focused their energies on improving operational efficiency. This strategy not only helped businesses survive the recession but succeed beyond the economic downturn by maintaining their momentum. After the dot-com bubble burst, devastating the tech sector, Target took a daring but well-calculated approach. During the recession, Target drastically improved productivity and supply chain operations through strategic partnerships. Additionally, it increased its marketing and sales spend, ramped up investment in credit card programs, opened more stores, and grew its internet business. And these measures paid off handsomely. Over the course of the recession, Target saw increased sales and profits that lasted well after the economy righted itself.

Target continues to invest in operational efficiency. In 2020, coming out of a record-breaking year, Target invested heavily in fulfillment services and supply chain to reduce friction points and scale capabilities. Additionally, and equally important, Target continues to invest in technology to provide customers with a more personalized and streamlined experience, increasing loyalty and driving growth.

Recession-Proofing Recommendations and Approaches

While many businesses failed in past recessions and economic downturns, the businesses featured above show that investment in resilience strategies can help companies both navigate challenging markets and carry the benefits of those investments into the future. Understanding and optimizing your customers’ experiences, strategically marketing your products and services, defining and refining your brand, and increasing operational efficiencies are solid strategies to drive customer acquisition and loyalty, increase market share, and drive growth.

Economists have predicted a 40-70% probability of a global recession in the next 18 months. While there is uncertainty regarding when, to what degree, or even if we will enter a true recession, looming economic uncertainty poses many of the same challenges.

What Other Business Leaders Are Doing to Prepare

We spoke with partners and business leaders across multiple industries to find out how they’re preparing for a potential recession—what they’re doing to protect their businesses and, where possible, gain an advantage over their competitors. Read our in-depth report Recession Proof Your Business: CX Strategies for Recession Resilience for valuable insights, expert opinions, and strategic approaches on how to prepare your business to not only survive but thrive in a challenging economic environment.

Ready to Increase Your Business’s Recession Resilience?

There are a lot of questions surrounding the current economic environment, and whether or not we are technically in a recession or one is on the horizon, investment in a strong CX strategy will help position your business to withstand challenging economic conditions. Ready to learn more? Let’s chat!


Play Video

Bunger Steel

Doing some things and making some impacts