townsend.bunksite.com

Tag: privacy

5 Things American Businesses Need to Know About GDPR

In the wake of the Cambridge Analytica scandal here in the U.S., the General Data Protection Regulation (GDPR) was established by the European Union in May to give users complete transparency on how their data is or will be used. Here’s everything you need to know about GDPR and how it will affect marketers not just in Europe but here at home as well.

1. Why Did the EU Create GDPR?

GDPR went into effect on May 25, 2018. It was initially approved by the EU in 2016, well before the news of the Cambridge Analytica data misuse broke. However, it’s hard not to associate one with the other because of the timing. To provide a bit of context, I will quickly outline the details of the Cambridge Analytica case. The data of an estimated 80 million Facebook users was sold and then used to create “psychographic” profiles of American voters. This data was collected through a seemingly harmless personality test called “thisisyourdigitallife.” The test filed away the data of participants and their Facebook friends. The participants unwittingly gave the app’s developers access to this data because by opting to take the test, they agreed to the test’s terms of service, which granted the test access to their information as well as their friends’.

Though this example of misuse has brought personal data protection to the forefront of the world’s attention, this is not a new practice. The personality test in question was launched in 2014, and people have been using similar techniques to acquire user data for years. The difference is that we rarely questioned the terms of service we agreed to for things like apps, free wifi, and other services in the past.

2. What Does GDPR do?

GDPR aims to give users more information on how their data will be used. Its central goals are to keep users informed and to require their consent. The exchange of data for free services such as Facebook and Google can be a fair one. The text of the GDPR legislation is a decent read and is broken into chapters here. Any sites or services attempting to collect data must do so transparently, with “unambiguous” and “specific” purposes. “Data subjects” must be able to request logs of all of the data collected about them and then allowed to ask for the data to be corrected or deleted (appropriately named the “right to rectification” and the “right to be forgotten,” respectively). Also, businesses cannot deny or restrict services to users who opt out of data collection.

3. Does GDPR Apply to US Businesses?

Strictly speaking, GDPR applies only to EEA (European Economic Area, see image) citizens while they are in EEA countries, so one might expect that it won’t have a huge effect on American companies that only operate within the United States. However, because the internet is global in nature, it’s rarely that simple. Websites run by American businesses are frequently visited by people around the world.

Tourism is one of the industries that will be most affected. 39.4 percent of the American tourism market is comprised of European travelers. Zoos, museums, aquariums, and other attractions should review their data and cookie collection methods.

Also, American businesses must ensure that data they receive or purchase about EEA citizens were collected using techniques aligned with GDPR’s regulations.

4. What Can You Do to Make Sure Your Business Is Compliant?

GDPR isn’t intended to stop all data collection or to make targeted marketing less effective. On the front end, the main changes businesses would need to make to adhere to GDPR are stating that they are tracking user data and then how they plan to use the data, whether it’s cookies for remarketing, user session data for site analytics, or other reasons. Further down the line, companies would need to ensure that their records are well-maintained so that they can provide users with their data should there be a need to review or delete them. The key is transparency. As long as you let users know what you’re doing and why, there shouldn’t be any issues.

5. Will the U.S. Adopt Similar Policies?

Anyone who watched Mark Zuckerberg’s testimony to Congress in April might not think there will be changes in US data privacy laws anytime soon. The questions some congressmen and women asked revealed a lack of technical knowledge, as noted by Vox. However, on May 22 Vermont passed the nation’s first data privacy law. Vermont’s legislation focuses on “data brokers,” companies that sell or license data about their consumers to third-party companies that do not have a direct relationship with the consumer whose data they are purchasing.

A few weeks ago California passed a law that is more all-encompassing than Vermont’s. Similar to GDPR, the law requires businesses to state the type of data they are collecting and how they plan to use it. These changes will not go into effect until 2020, but the process was pushed along because Californian lawmakers were pressured by a grassroots ballot initiative with measures even more stringent than the bill the state passed.

Due to public outcry and interest, other states are bound to follow suit, so there’s never been a better time to review your data collection practices and consider how easily they can be adjusted to fit the level of transparency that is becoming the new standard.

Consult With Experts Who Are Up to Industry Standards

At Search Influence, we consistently stay apprised of new industry standards and regulations regarding how our client’s information is disseminated, including GDPR. Our goal is to help your business grow and optimize your potential online, all while making sure your business is in compliance with data protection laws. If you’d like professional insight into how we can help your business thrive, call 504-336-3422 or request a proposal online today.

Images:

EEA Map

Mark Zuckerberg

July 24, 2018
Growing Your Practice on Facebook, Part 5: Patient Confidentiality Considerations

In our last blog, you learned how to capture your audience with engaging content and analyze the results. Now that you understand what it takes to connect with your patients, we’ll take a look at common obstacles medical practices face when posting on Facebook.

Social media and the healthcare industry can seem in opposition at times. One is about sharing and transparency, while the other hinges on patient confidentiality and privacy. But the irony is that the medical industry is not immune from the benefits and trends of platforms like Facebook.

Facebook is a wonderful resource for any industry looking to grow their business. Potential clients and patients desire access to the goings-on of a medical facility or hospital, and similar to peeking in on the page of a friend or associate, patients expect to see their doctor’s office online, too. Uploading staff happenings or posting about a new procedure is invaluable to the cause. But what happens when patient confidentiality is violated? In the era of “clicks,” the two opposing parties of health care and social media must become friends. Although there’s a fine line to walk when working within HIPAA rules, here are some helpful tips to consider when using Facebook for your medical office.

Get Written Permission Before Posting

Nothing can replace the power of pictures on your Facebook page. According to a Hubspot survey, Facebook posts with images receive 53% more Likes than those without. Images serve as testimony to what your practice can do and how you can help other patients achieve their desired results. They are also a way for your patients to discuss and identify symptoms that may need a doctor’s immediate attention. However, posting photos without explicit consent from all parties can lead down a very hairy path—even if the image isn’t of someone’s face.

According to Privacy Rule requirements, physicians must obtain a signature from the patient that specifically spells out the what, when, and where of the shared item. Some medical facilities have recently opted to send out a blanket consent statement, but this is not best practice. Be sure the statement includes details such as a full description of your purpose in using the image, an expiration date on the image consent, as well as a note describing the patient’s right to revoke consent. Send a copy of the signed document to the individual and keep one for your records as well. Working this into your protocol prior to posting photos will keep a clear line of communication between your practice and patients, and it will also create a streamlined process for your social media marketing needs.

Avoid Talking About Specific Patients

Posting about patients can be helpful to your practice. You can highlight testimonials, success stories, and interesting procedures that can be used to engage new and current patients alike. However, when posting on Facebook, even if given permission to use a patient’s medical situation, you’ll want to be explicit in not identifying the individual.

Confidentiality and privacy are two sides of the same coin. Confidentiality limits the details of a patient’s health exclusively to the medical team unless given informed consent. Privacy, on the other hand, relates to the patient’s right to be treated with respect and dignity. HIPAA goes even further, stating that information given about a patient in a public forum should not disclose individually identifiable information. This information includes anything that could be used to hone in on a specific person, such as past, present, or future physical or mental health details. Understanding the difference between the two, and how they relate to the language and images used in Facebook posts, will help you and your staff to find that happy medium.

Don’t Take Pictures Around Sensitive Materials

Where you take the picture can matter just as much as the picture you take. When capturing images to share with your patients, be aware of any medical records or other confidential materials laying around. With zoom features on devices, potentially threatening information can become more decipherable when viewed from apps on a cell, tablet, or another mobile device. Avoid this mistake by thoroughly surveying the area before snapping a shot around the office. Put away any files or paperwork containing information that is private or for medical office use only. It may also be a good idea to only take more candid photos in certain areas of the facility where sensitive items are least likely to be an issue. Also, be sure to avoid taking pictures that may have a patient in the background. Having a designated spot for photo ops can minimize the chances of mistakenly exposing information that would break patient confidentiality and put your office in a compromising position.

Facebook doesn’t have to be a no man’s land for physicians and medical practices. Healthcare and social media can play on the same team. Building your brand online and strengthening relationships with your patient base is invaluable, especially with Facebook’s almost 2 billion monthly users. Don’t be intimidated by HIPAA; instead, embrace the rules, implement best practices for your staff, and walk the line to marketing and confidentiality success. The exposure you’ll get will be well worth it.

Check back next week for the final installment of our medical industry blog series, which will walk you through one of our case studies and show you how to put everything together!

If you are ready to chat about your digital marketing opportunities today, contact one of our experts.

Images:

Tablet

Patient Records

June 27, 2017
5 For Friday – Facebook Privacy, Google With Your Voice, and Yelp Videos!

1. Facebook Defaults Posts From “Public” to “Friends” & Introduces Comprehensive Privacy Checkup
– Marketing Land

Facebook has finally launched a major change that may have an impact on their real-time efforts. With the privacy updates, users’ posts will now default to only be visible by friends, and all users will be encouraged to check on their privacy settings if they have not been updated recently. Greg Finn says he expects that this update may cause hashtags and real-time conversations to continue on their decline.

2.Yelp Will Allow 12-Second Video Reviews Starting Next Month
– Marketing Land

Beginning in June, “Elite” users will be allowed to share their review of local businesses via a short video. These videos will first appear inline with the photos, but will eventually also appear along with the reviews like photos currently do.

3.Google+ Introduces New Features That Automatically Generate Movies and Travelogues
– Search Engine Journal

Google+ launches Stories and Movies that will bring together your photos and videos to highlight your favorite moments from your travel or an event. Google’s Story will arrive within 24 hours after you return from your vacation. After you receive your story, you will be able to customize it and share it. Google+ Movies will include related photos and videos along with a soundtrack and special effects.

4. Google Adds “Okay Google” Voice Search For All Chrome Users
– Tech Crunch

Users will first need to give Chrome permission to use the mic on their computer. Then you can simply go to Google.com and say “Okay Google” to trigger the voice search followed by your search request.

5. Google Paid “Dealers Nearby” Appears To Have Gone Live
– Mike Blumenthal

Mike Blumenthal noticed that Google’s new paid ads (now appearing within the knowledge graph) are live. This seems to be only the case in the US according to the comments thread on Dr. Pete’s tweet regarding this update. Mike Blumenthal suggests that we may one day see Google selling competitors space in branded knowledge panels.

May 23, 2014
Quick! Delete Your Instagram Account! (Or Don’t.)

Instagram, the popular photo sharing app recently acquired by Facebook, will be changing its Terms of Service next year. This change in terms, slated to take effect January 16th, provoked a massive storm of criticism because of ambiguous language that some interpreted as allowing the company to sell the licensing to photos posted on the site to various advertisers.

CUE INTERNET MOB WITH PITCHFORKS AND TORCHES

The language in question states that in using Instagram, “you agree that a business or other entity may pay us to display your username, likeness, photos (along with any associated metadata), and/or actions you take, in connection with paid or sponsored content or promotions, without any compensation to you.”

This didn’t sit well with the app’s user base, who instantly began posting screenshots of the new terms as photo shares on the service and started up boycott initiatives. Even someone claiming affiliation with the hacker collective Anonymous called on its followers to ditch the service. A contingency of users has even urged others to switch to the Yahoo-owned photo sharing service, Flickr. (Long before this kerfluffle, Flickr wrote an official blog post saying the company “feel(s) very strongly that sharing online shouldn’t mean giving up rights to your photos.”)

What does all of this mean? Is a photo of your child going to become the new flagship image for the Gerber campaign? Probably not: in face of the uproar, the company produced clarifications within hours. Co-founder Kevin Systrom put out an official statement from the company apologizing for the confusion over the new terms, saying “it is not our intention to sell your photos. We are working on updated language in the terms to make sure this is clear.” Systrom also stressed that Instagram’s users are the owners of their own content, and that the company had no intent to use its users’ content in advertisement. The offending text from the new terms has been removed.

Instagram claims it never intended to use your photos in advertisements and they weren’t claiming ownership to license them out to major ad campaigns either. While I don’t think the language used in the new terms was as vague as some claims make it out to be, I don’t think Instagram had the ominous intent to freely sell your photos to advertisers. Instagram was merely trying to set up the legal grounds for promoted/sponsored posts in your photo feed. What’s really remarkable about this whole story, however, is the speed with which the whole thing took place. The terms were released, outrage spread across the web and social media sphere, and within hours, the head of the company was personally issuing a statement. This rapidity is becoming typical for doing business on the social web: the Hitman social media game that included misogynistic and crude content was pulled in just an hour, and in the infamous Susan G. Komen debacle, the company was forced to reverse its position just days after announcing their deeply unpopular decision to cut funding to Planned Parenthood in the face of a massive online uproar. The fact that Instagram was so willing to clarify its position in plain language actually speaks to a greater transparency and user responsiveness in online business: the mistakes that provoke these bad PR storms are inevitable, so let’s hope the trend of immediate address continues.

December 19, 2012
Marketers Like Us – How I’ve Learned to Stop Worrying and Love Having No Privacy

Not too long ago, I was completely ignorant of any tracking on the internet. I thought, like many, that the things I did online were solely known to me and wouldn’t affect anything. I thought that “Private Browsing” really meant that, and that no one else would know or care that I played a bunch of flash games and that I worked in whatever field I did.

Flash forward to now — I’ve had a whopping year of intensive exposure and training in Internet Marketing: found out what Facebook is really for; why Google might not even find the site I’m looking for; what Google is doing in my status bar, even if I typed in the url; how Google’s ads knew exactly what I typed; that Google’s rankings are always in a state of flux; and even how I like to see the pages I visit. In short, entering this job totally changed how I look at the web.

And I’m happier for it. Sure, people are always trying to create some kind of “Google is Watching You” zeitgeist, whether through their use of AdBlock and Ghostery, or by bringing up the problems Google’s had with European trade officials, or how much Google’s search results have changed since the last time they noticed. People seem to be concerned that someone’s watching their online habits specifically. But I’m now the person who’s watching, and I know how and why I’m doing it.

Is this who's looking at your browsing habits?

To be fair, everyone who’s “invading” privacy is watching online habits. It’s easy to say it’s on a “macro” level, but it’s harder to convince some people that it’s more like an ant farm than an investigation. For internet marketers, not only is it simply not profitable to look at the individual, but it’s becoming less feasible and less legal to do so.

Firstly, targeted marketing based on internet behavior isn’t an unregulated free-for-all on your personal information. 2009 brought a proposal from the FTC for seven “Self-Regulatory Principles for Online Behavioral Advertising,” outline in this Interactive Advertising Bureau report. But for this discussion, it’s important to note that the regulations do not affect collection of data “solely for [the website’s] own uses,” or for contextual advertising like Adwords, “as it delivers advertisements based on the content of a Web page, a search query, or a user’s contemporaneous behavior” — the two main ways marketers use your data online.

What most marketers are concerned with are those non-regulated uses. Google Analytics, found 39 times more than the “average” tracker on the web, is largely for the company’s own use. Google, still the top dog for internet searches, puts its contextual ads right next to its search results — a strong source of revenue for its advertisers.

Analytics, despite privacy advocates’ concerns, is nothing to be afraid of. It’s only to make sites more responsive to their users. One of the greatest tools for the company owning (or managing) the site is to know how people actually use their site. Certainly, most hosting packages do this in a rudimentary way, but few have the immediate gratification of being able to see the site alongside what links are clicked.

Conversions from a Contact Page in Analytics

Landing Page overlaid with In-Page Analytics

The In-Page Analytics shows the percentage of clicks to the various pages in little pop-ups next to each link. Of course, it’s only tracking links to the page, so you have to take it with a few grains of salt if you have contextual linking on the page, but it gives site owners and especially ad campaign runners an idea of how to make their choices more relevant to browsers. The page below shows that almost 2% of visitors hit up the contact page from here, and another view shows us that a fifth of the people visiting the contact page complete a form — whether that’s good or bad is for the marketer to decide, but that information is certainly useful. Should that information not be in the hands of small businesses? The 12000 people searching for “block javascript” in Google think so.

And what about those 12000? How can I know that? Because Google “betrays” its users privacy and gives vague estimates of how much people search for various keywords. Again, this helps small businesses without walls of supercomputers to better gather data so that they can garner a little bit of information to better serve their customers.

Drilldown of Referrals from Other Sites

Finally, what about pages you visit that aren’t part of the site you’re on? Why would a site owner want to know that? Surely, they couldn’t want to know what page you were on before this one! But the internet is the ultimate word-of-mouth; “Who referred you?” becomes “From where were you referred?” and unfortunately, people just don’t pay enough attention to notice effectively on their own.

So instead of ineffective tools and sheer guesswork, the visitor loses a little privacy to help small business owners understand how people came to their site and make it better for those visitors by tailoring the content and design. And this is the mindset behind any loss of privacy for the visitor. Marketers like us aren’t trying to figure out who specifically visited our site and did what — if we were, we’d use other tools that can’t be so easily blocked, and would only be used for malicious visitors.

While some might call it “drinking the Kool-Aid,” I’ve understood more deeply why losing just a little privacy and not trying to circumvent analytics and other tools are a boon for the whole Internet — making it more valuable to the visitor, so that sites give to the reader what they really want. Stop worrying, and support your small businesses on the web.

May 3, 2011
Facebook Privacy – New Orleans SEO Replies to FOX8

The world according to Facebook.

Following advertisements for a contest where Facebook fans can enter to win a 60” 3D television, anchors’ guffaws at “The Facebook” and “The Twitter,” and the third run of a talk about how Facebook and social media peacefully brought down a dictator in 18 days, FOX8, our beloved Fox affiliate network channel, ran a special report on Facebook privacy which showed how confused people are about Facebook.

Stirring up fears about Facebook’s lackadaisical attitude towards users’ privacy is almost as old as the site itself, but really took off after the introduction of the news feed, prompting this post from Michael Cerahimself. But FOX8 reports that there yet is one more person who knows “everything” about you, even after 170 types of privacy options: the social media marketer.

We’ve determined a rough estimate of the gay population of the military using the tools they’re talking about. Dr. Kimberly Mason, cyber-bullying expert at UNO, claims:

“The majority of the individuals who use Facebook of course are on there to make their social connections and keeping in touch with friends and family. So looking at advertising and looking how they monitor that really is not in their realm of awareness.”

Strengthening this argument is the general concern about privacy that Facebook users have cultivated. Avoiding questions of survey design, there is no attempt by Gallup/USAToday to reconcile this data with the knowledge users displayed about the privacy settings even at an early stage of development for the site, nor with the skyrocketing membership and constant activity seen as the site has become the second-most-trafficked site on the web. Obviously we’re not dealing with an all-or-nothing situation, and maybe even analysis of risk perception could be appropriate, though of course not under the language of physical harm.

The FTC supports a browser-based “Do Not Track” system, while Rep. Jackie Speier (D-CA) offers a much more nebulous, but more proactive and far-reaching system. These proposals and recommendations are to protect the users of the site from their private lives being compromised.

But the privacy argument driving interest, polls, and media stories is too muddled to be coherent — there’s privacy, and then there’s privacy, and then there’s privacy. These three realms where users can unknowingly give out information — your network, the public, and advertisers — have different priorities and different interdependencies when it comes to blocking access.

The first kind of privacy — hiding your information from your own network — seems simply counterintuitive to me. Like having a private Livejournal, not using the social aspect of a social network seems a bit counterintuitive. There’s got to be some kind of control here — Reuben Foster of UNO says, “If I don’t want it to be public, then I won’t … click these things,” and that’s right on the money.

Found directly beneath the status box.

In addition, the News Feed is smart. That first variable, the affinity score, is user-controlled. If you don’t talk to someone, they won’t show up as often. To boot, the other variables, weight and time, simply fulfill the definition of a social network. Combined with easy to navigate deletion and blocking capabilities, it’s a hard sell to me that there isn’t enough privacy options for the user.

But that’s a straw man; privacy can be breached in other ways. While privacy settings can stop a lot, so many checkboxes to look at and discover over time might be overwhelming. Worse still, Facebook has a bad habit of resetting its users’ privacy settings when it updates its features. We’ve talked before about other people looking at your posts and online image branding. There are a number of news stories where someone posts something that unintentionally irritates the wrong people, all of which bring up the divide between what is or isn’t public speech.

While I’m not about to open that can of worms, two alternate court cases show the two likely outcomes of privacy issues: either an out of court settlement or a court siding with the company, who can probably show a solid link between loudly kvetching about work and “job performance.” The question on the level of privacy and anonymity of your Facebook profile has not been answered; best to tread with care, but not necessarily lightly.

Even with careful Facebook pruning, you still have your information going to advertisers, and it is this what puts Facebook in a unique position for privacy. Google doesn’t have the instant interest data to tailor their content offerings like Facebook does. Even Microsoft, whose use of Internet Explorer to strengthen Bing’s ranking pages is more insidious and less publicized, gets their data from Facebook

Obviously not the best tool for small fanbases…

WVUE reflects the average Facebook user’s view when it refers to all ads as “Sponsored Stories.” Ads are ads — it’s neither Facebook’s intent nor in their interest to try to fool you into thinking they’re not, and you’d have to ignore clear headings to think they’re from your friends. There is a difference, though: Sponsored Stories refers to ads that look more like regular news feed posts; however, they again have the telltale heading. They also can only be shown to people “whose friends are already connected to” the Facebook page or post that they’re connected to. Similarly, fan page ads can only be shown to people not already connected to the fan page.

See, nothing terribly creepy here…

Facebook’s ad targeting is much less sinister than it seems. You can filter by age, sex, and broad category of interest. While the Family Status category under interests is on one hand a bit questionable, it can heavily influence relevance of ads; you wouldn’t want to be showing ads for singles sites if a member is married with kids.

You can then target by Connection to a Page, Event or App. The next section, the Advanced Demographics, provides advertisers with better opportunities to provide relevant content and avoid marketing gaffes. Finally, you can target by education level or workplace.

And that’s it, right? You get your broad information, and nothing’s even tracked deeply enough to cause any concern. That doesn’t seem so bad.

… But we could make this comparison much creepier. I just like music.

But when something* happens with your account, the advertiser gets access to Likes & Interests. This narrows the interests so that it is more like traditional keyword bidding. This isn’t unusual, and follows the traditions from Google pay-per-click advertising. The advertising platform provides vague statistics to give advertisers an idea of how many people are interested in ideas that are related to your link.

But not only does the advertiser get this information. Another privacy craze was raised over Facebook’s Open Graph Platform, which began the rash of “Like” buttons on the site. Extending the simplicity of the “Like” from every kind of “Edge” — the term Facebook uses for any post, link, comment, or ad — to web pages seems logical and extends not only the brand, but the whole social media mentality.

Open Graph allows a content provider to, like Google Analytics, track his links’ likes and clicks on Facebook, even without having a Facebook presence. While this might seem like nothing new to your loss of privacy, an important distinction has to be drawn between this and Google’s tracking programs. Facebook offers this information with your personal information like your friends list in the unseen data. Obviously, this is used not for advertisers, but for the inner machinery. However, the concern remains that someone with a bit of knowhow can get that information.

But that information isn’t useful for advertisers right now. A list of friends might be interesting on a massive level, but then again, the individual is lost looking at larger trends. The other factors, publicly displayed on your profile

Through these three realms of privacy, it seems that there’s good reason to be afraid of Facebook and its privacy issues. But here’s the catch — who’s really looking at this? Advertisers and content providers, even among the slimiest of content farms, simply want to provide a better user experience. They, including us, are looking for the most people clicking on ads and, more importantly, interact with the content behind the ads.

There’s a tendency for people versed in Facebook to blame the user — we all see the inner workings, we know how easy the whole system is if you turn off your brain. We know that all you have to do is click the “Like” button and you’re giving us good information that we can use to give you more of what you already, at least in a marketing sense, “Like.” Those that are trying to target you are trying to give you more of what you’ve already said you want, even if it’s an admittedly selfish gift, since advertisers obviously get benefits from you clicking the link.

But the Skinner box that is Facebook, and particularly the games and apps that tweak and complicate privacy settings beyond the basic problems described, is ultimately something from which its users benefit. The on-first-glance underhanded data-gathering techniques are ultimately the way that Facebook serves its users, by providing content relevant to them, as determined by them.

*We are looking into this. Check back for more info!
Picture Courtesy of the Facebook Engineering Blog

Don’t forget to “Like” this page. We promise to do every creepy thing we can with your information and show you what you’re sending to advertisers and content providers in an upcoming blog post.

February 22, 2011