Managing Your Online Reputation: HIPAA Compliance in the Wake of Online Reviews 

How to appropriately navigate online reviews


It is important to stay HIPAA compliant in the process of responding to all patient reviews, both positive and negative. Here are a few ways to navigate patient reviews while keeping HIPPA compliance in mind: 

Do not confirm the reviewer is a patient. If a patient writes a positive review, focus on thanking them for feedback. Stay general and brief. Do not confirm the reviewer made an appointment.1  Avoid statements such as “thank you for being my patient” or “I’ll see you at your next appointment.” 

Create response templates. It is best practice to respond to online reviews within two or three business days.Provide the practice staff monitoring your online reviews with a general and approved template for responses. This can help you be HIPAA compliant while speeding up response time and staying on message. 

Keep it short. Wordy responses can put you in a HIPAA warning zone. Be as brief and general as possible--this can help make answering online reviews easier, as well as acknowledging a patient’s feedback.


1. "How to respond to the 3 most common types of patient reviews (while remaining HIPAA compliant),",

2. "The Do’s and Don’ts for Responding to Patient Reviews in a HIPAA-Compliant Way,",

*VSP cannot and does not provide professional, financial, medical, or legal advice. Interested applicants should consult with profesional association guidelines, state labor resources, financial advisors, and/or an attorney for advice.

Check Premier Edge Status