Reporting live from HMPS in Orlando. It's 86 degrees with 85% humidity today. Yikes. I'm not built for weather like this.
I've been to a lot of conferences and trade shows over my years in marketing, but I find healthcare conferences the most interesting because there’s a level of openness here that you just don’t see at most software conferences. People are genuinely willing to share what's working and what's not.
At the Freshpaint LIVE driving range event last night, I mentioned this to a healthcare marketer, and he made a great point: unlike most industries, healthcare marketers usually aren't direct competitors. They serve different regions, but face the same challenges, and often turn to the same tools to solve them. That shared experience makes connection and collaboration a defining feature of this community.
It's refreshing. I love it. And I hope it never changes.
We'll have more coverage from the event in the next few weeks, but let's get onto the rest of the newsletter. Here’s what I've got for you:
Updates to our integrations page
Events, events, events
State privacy laws
CCPA class actions are expanding in scope
Let's dive in...
Product Update
We cleaned up and relaunched our integrations page to make it crystal clear what tools you can safely connect to Freshpaint today.
40 destinations where you can send data (from ad platforms to data warehouses) so you can improve targeting, personalization, and performance tracking while staying compliant
8 sources that can send data into Freshpaint, so you can capture the full customer journey across channels
All built for privacy compliance and real-world usage
This update gives you a reliable, up-to-date source of truth. Whether you’re planning a campaign or prepping for legal review, now you can check what can be "Freshpaintified" without second-guessing.
Join us for a private dinner at Trevi’s Terrazza at Omni Orlando, where good food and genuine conversation bring the healthcare marketing community together. This intimate gathering offers the chance to connect with industry peers, exchange ideas, and build relationships in a relaxed, open setting. Enjoy a thoughtfully crafted meal, engage in meaningful discussions, and be part of a night that’s as rewarding as it is memorable. Save your seat now.
Discover how compliance-driven strategies can enhance healthcare marketing performance, reduce costs, and boost retention in this joint “Data Done Right” webinar. Sign up here!
State regulators, federal agencies and class action lawsuits are cracking down on the use of pixels and cookies in healthcare marketing. Even a single overlooked datapoint can trigger compliance violations — and few organizations are truly prepared. Join us and Elliot Golding, Partner at McDermott Will & Emery for a practical discussion on safeguarding your organization while preserving digital performance. Save your spot now.
On-Demand Webinar In this on-demand webinar, we’ll show you how to enhance ROI by linking appointment data to your campaigns, supercharge your Google Ads performance with accurate data for better bidding, and gain end-to-end insights into the patient journey. You'll also get a chance to explore how to optimize your marketing budgets with privacy-compliant ROI insights to help secure growth.
Join marketing and healthcare strategy leaders as they explore the results of an insightful survey on payer marketing, shedding light on how payers are allocating budgets, implementing funnel strategies and tackling privacy challenges to drive growth and compliance in an evolving landscape. Watch the webinar here.
Freshpaint's Compliant Corner
As you'll read in the next section, state privacy laws are becoming more real, and more serious for healthcare organizations. That's simply because HIPAA doesn’t cover most of your health-related data.
To fill the gap, 20 U.S. states have stepped in with their own privacy laws. That's good for consumers, but it's creating a compliance minefield for healthcare marketers.
Each state defines personal data a little differently. Some require opt-in consent, others allow opt-out. Some demand data protection assessments, others don't. Some even treat IP addresses and browsing history as sensitive data, whether HIPAA does or not.
And here’s the kicker: You can be penalized under both HIPAA and state laws for the same mistake. That means bigger fines, possible lawsuits, court orders to stop marketing practices, and long-term damage to patient trust.
So what's the move?
Healthcare organizations are taking a privacy-first approach, using technology to control what data is collected and shared, prioritizing first-party data, and aligning with the strictest laws (think: California) to simplify compliance across the board.
Two recent court rulings in California, Shah v. Capital One and M.G. v. Therapymatch, suggest that sharing personal data via pixels and tracking technologies could trigger liability under the California Consumer Privacy Act (CCPA), even without a data breach.
Traditionally, CCPA lawsuits hinged on cybersecurity failures. But now, courts are signaling that undisclosed or unauthorized data sharing with platforms like Google and Meta could qualify as a "breach of security," exposing companies to $100–$750 per person, per incident.
If you're using third-party tracking tools and not providing clear notice, consent, or safeguards, you may be at risk, even if there's no hack.
Key takeaways for healthcare marketers:
Review your use of pixels, cookies, and third-party analytics
Update your privacy notices and consent flows
Monitor legal trends, especially if you operate in regulated sectors
These rulings reflect a broader trend: courts are taking adtech privacy violations seriously.
.png?upscale=true&width=1200&upscale=true&name=1200x628%20(1).png)