In between patients? Read our 60-second TL;DR

It was Thursday, just after 10:00 am Pacific Coast Time. I was innocently sitting at my desk, minding my own business, reading none other than the good word of the Lord (kidding) when the call came through.

“What the f*ck is going on? F*ck Apple. F*ck Google. F*ck Facebook. Everything is f*cked!” It was a long-time friend of mine, a CEO of a medical device company that I have known for years. 

And here’s the thing, my phone is continuously on Do Not Disturb. It’s not like I am Kanye West dodging lawsuit calls or anything, but having my phone interrupt my daily combination of conference calls, projects and meetings just to be told that my car warranty has nearly expired is not going to happen. 

(There are five people on my emergency bypass list that penetrate my shield of serenity — and two of them have my last name.) 

Unfortunately, as we well know, even Do Not Disturb is merely a suggestion. Call enough times repeatedly, and be a contact in my phone, and Apple thinks you deserve to bypass my DnD blockade. 

(No respect for dungeon masters. Ba dum.) 

But whatever, I digress. The point is, I already knew this call wasn’t going to be good, if it made it past my leave-me-the-hell-alone firewall. The explosion of expletives confirmed my suspicions.

“Woah, woah, woah… hold on, my guy, I’m not Zuckerberg,” I retorted.

“Sam, what am I going to do!” He asked, sounding completely dejected.

Abrasive language aside, my friend had a right to be upset to an extent. Everything was changing. Everything is still changing. 

Around 2016, legislatures around the world started creating laws to limit the data collected and used from tech companies. The real catalyst was a little event that happened with Facebook in 2016, but since then, a cascade of changes has shaken up the way businesses can market and advertise on internet-based platforms.

Google, Apple, Facebook — all these major players are changing up their systems. Systems that have worked very well for businesses in the past.

Understandably, my friend was shook when the news started rolling out. But the thing he didn’t realize was that there are silver linings in everything.

There’s always another way – marketing always finds another way.

I leaned forward, into my desk, and grinned. “Here’s what we are going to do…”

Damn You, Facebook… Did You Kill My Marketing Strategy? 

Ok, first things first, I need to get it out of the way: Facebook definitely dropped the ball on this one. Most of the revenue for the social media giant comes from advertising. They either were too blind or dumb or had intentionally let the data they used for ad development manipulate the 2016 U.S. Presidential election. 

(Yeah, sure, whatever. If you say so.)

Yes, I’m talking about the Cambridge-Analytica scandal that sent shockwaves throughout the digital world. But for digital marketers, this didn’t come all too much as a surprise (data keeps us going). 

Theories and suppositions have been floating around for years about how the data of the masses can be misused (maybe you were even questioning where your data was going). It was only a matter of time before this was going to happen. 

But there is some good to this bitten apple. Facebook’s f*ck up revealed that there truly are real-world consequences regarding privacy (or lack thereof) and prompted consumers to be more conscious of their data. Blind faith in these companies and preconceived “privacy” has since left the building – consumers want to know the truth about how it’s spent. 

This notion probably has you wondering if the event (or events that we’ll further explore) are hurting your practice’s visibility to consumers. Sort of, but not so much if you make the correct adjustments to your digital marketing strategies. 

There is a light at the end of this tunnel. 

But let’s explore the inside of it first. 

Nothing Is As It Once Was

(Data, Analytics, Ads, and Other Fun Things) 

All across the internet, data, analytics, and ads are changing. For your privacy, everything is much more complex than it used to be. I know that wasn’t your intention, and you probably didn’t want any of this to happen… 

So, let’s get into it:

Europe Lights The Fuse:

It all started with Europe (even before the whole Cambridge-Analytica thingy) when they adopted the General Data Protection Regulation (GDPR) in 2016, which went into effect in May 2018, shortly after the scandal broke (coincidence?). This new law leaves much to interpretation but provides the legal framework for collecting and processing individuals’ data in and outside of the EU. Europe set the new standard.

California Soon Follows:

Then California jumped on this privacy-keeping bandwagon. A month after the GDPR, California legislatures passed the California Consumer Privacy Act (CCPA). Their law set more broad parameters than the GDPR, expanding on what they consider personal information, such as unique personal identifiers, email addresses, account names, social security numbers, records of personal property, consuming histories … a lot. 

Apple Says IDGAF Anymore:

Then, Apple decides just to say they don’t care anymore and throw their Identifiers for Advertisers (IDFA) out the window. Well, not literally out the window, but since the iOS 14 update, consumers had the choice to block the IDFA for mobile applications, meaning they could say no to using their data for custom advertising (Facebook anticipates losing 10 billion because of this change). 

Everyone – countries, states and companies – is trying to figure out what the hell they should and shouldn’t do concerning your privacy.

The Future of Privacy

Firstly, the cookie monster is finally going to die. 

(Sorry, buddy. Thanks for the mems.)

Well, that’s to say that third-party cookies will finally die. While these tracking cookies have already been phased out by most browsers, including Safari and Firefox, Google Chrome has yet to phase them out entirely but intends to do so by the end of 2023. 

This is massive

Why has Google been so slow to pull the trigger for Chrome? Because they represent over 65 percent of the global web browser market, and Google is, after all, an advertising company at heart. There will always be a need to track people and marketing dollars are what makes the world spin.

Any changes they make will affect them, me and you. It’s best (for their pocketbook) if they take it slow. 


(Whatever you say, you soon-to-be old and decrepit thing of the past)

Google has introduced a new solution to the death of the third-party cookie: Topics. This privacy-friendly replacement makes it so advertisers serve content based on the user’s interest instead of the sites they visit. 

Google will also introduce Google Analytics Four (GA4). GA4 is the newest analytic tool Google introduced that goes into effect on July 1, 2023, and will replace Universal Analytics. The new tool arrives because you guessed it: privacy. 

This platform differs from past iterations because it puts privacy into the user’s hands. The update changes:

  • IP Anonymization – Universal Analytics tracks IP addresses by default, but with this new reiteration, IP addresses will be anonymized, making it GDPR compliant because it considers an IP address to be personally identifiable information (PII).
  • Server Location – GA4 doesn’t let you decide where your data is stored. If you’re in the EU and want to comply with GDPR restrictions, your privacy policy must note that international data transfers will happen. 
  • Cookie Banners – Your cookie banners need options for users to opt in/out of data collection and state what will happen with the data captured as they interact with your website. 
  • Consent Mode – This feature (currently in beta) allows you to respect a patient’s consent choices for their privacy. You can ensure that tracking respects the patient’s decisions. 
  • Data Storage – GA4 makes it so there are two timeframes for data retention: two months and 14 months. Afterward, the data is gone. Previously, data retention lasted for 14 months or could never expire. 
  • Among many other changes

As mentioned with Apple and their decision to make the IDFA optional, Google will also make similar changes with their Android operating system. The tech giant plans to replace the advertising IDs they used to identify a user’s device. Albeit, these changes will not be as abrupt and drastic as Apple’s because Google plans to roll out these changes over the course of two years to allow brands the chance to adjust. 

Understand the changes, and your future self and patients will thank you. Showing them that you care will build trust. 

To put it not so nicely: get your sh*t together. 

The fate of privacy is going to be generally determined by GA4. Learn what they have in store. 

How to Navigate This New Digital Landscape

Everyone wants to be paid. Me, you, your patients, your patient’s neighbor, everyone. Marketing and advertising are what push products. Essentially, everyone’s data will still be up for grabs but with privacy given far more significant consideration. Ensuring best practices requires the following:

1. Find a balance between privacy and personalized customer experiences.

Only gather data that’s going to benefit your practice. Simple, isn’t it? Ask for the information you know will strengthen your bonds with your patient and serve them meaningfully. And if they refuse, respect their decision. Additionally, communicate with them how you intend to use their information. 

2. Be transparent. 

This one is a bit of a no-brainer. You should include privacy laws, terms and conditions, and the option to opt in/out of cookies as pop-ups on your website, helping patients feel more secure about their data while using your website. 

Just as you include your HIPAA disclosures right when the patient enters your practice, you should be just as diligent to follow privacy laws on your website, or when collecting personal information.

3. Advocate for identity-based marketing. 

What is identity-based marketing? It is a strategy that involves gathering data, interpreting it, then acting on it beneficially. 

Dear practice owner or random reader who stumbled upon this page, I’ve developed steps for you to create an identity-based marketing strategy that shows your patients that your C.A.R.E.

  • COMPLETE – Make sure your data gathering is complete and relevant to your patients. That’s to say, remove old data you once had, start with a clean foundation, and develop it into being representative of your patient. 
  • ANSWER – Who is your patient? Being able to answer that before you convert them retains their autonomy and gives you a referential point for how your patient responds to your marketing efforts. How can you improve?
  • RESPECT – Give some context to your patient and respect it. Doing so will allow you to understand your patient’s intent and interests better and have better marketing geared toward their needs. 
  • ENRICH – Lastly, enrich your relationship with your patients by complying with privacy laws in your marketing efforts. Honor your patients’ choices.

This strategy is not a one-time process but will continually evolve and allow you to build more prosperous relationships with your patients. This opportunity creates a two-way conversation between your practice and patient about marketing, privacy, and where to go from here. 

4. Gather first-party data.

Third-party cookies will soon be out, but we still have access to first-party cookies. These cookies allow for an effective marketing strategy while getting your patient’s permission to access their privacy. Essentially, first-party cookies remember the patient’s basic data, passwords, and other preferences. With this data, you can learn what your patient did while visiting your site, how often they do it, and other basic analytics. 

You can access many patients’ first-party cookies by incentivizing them to sign up for your newsletter. Email marketing has proven to be among the most effective marketing strategies in a soon-to-be third-party cookie-less world. 

There Is Light at the End of This Privacy Tunnel 

And that’s it. That’s what I told that CEO one year ago. Do you know what he said?

“Yeah, but Mark Zuckerberg is probably a robot.”

“Umm, no, he would be more likened to a Cyborg, and his AI is really really good,” I said as I laughed uncontrollably. So did he.

So much nervous laughter. 

At the end of the day, privacy isn’t killing your practice. The digital world is still in its infancy and constantly evolving. The state of privacy is now being given its due diligence, and marketers are developing thoughtful strategies to work around the changes. 

Follow and understand the strategies marketers are constructing, and you’ll never slip back into that deep, dark privacy tunnel again.


Significant changes are happening in the digital world, and it’s to secure your privacy. Facebook was the one to prompt the changes after the Cambridge-Analytica Scandal essentially. These changes range from European lawmakers changing laws and companies like Apple and Google adding or removing security measures. While these changes may seem to keep you from maintaining your marketing tactics, they won’t. There are ways around them, and there are several steps you can take to keep your marketing consistent:

  • Find a balance between privacy and marketing strategies.
  • Be transparent.
  • Become a privacy advocate.
  • Make first-party data your main objective. 

Don’t panic. Privacy will not be the death of your practice. 

Still Panicking? Let’s Chat.

I have the answers and know-how to put your fraught mind to rest. Fill out this form or give us a call at (800) 949-0133, and we’ll transform you into an Incredible thinker, not a scared one. 

Sam Peek

Incredible CEO

Incredible Marketing

Never miss a post from me again ...