Google Analytics (GA) has ruled the web analytics market for many years. Its deep feature set contributed to this, but the fact that it is free played a big part. From small businesses to hospitals to corporations, it was the choice of marketers and web teams.
HIPAA and Analytics
There’s been a shift in healthcare organizations, though, driven by HIPAA. Healthcare websites of the past were simple brochureware sites with little to no interactivity. But with the advent of electronic medical records and the increasing integration of appointment and healthcare management with the web, a lack of HIPAA compliance from external vendor products is no longer acceptable.
Any vendor you work with that will will access, store, or send PHI is referred to as a business associate (BA). To meet HIPAA compliance your organization and the BA must sign a business associate agreement (BAA). Talk to your legal team to find out what’s required in this regard.
Google Analytics (GA) is not designed to be HIPAA compliant and they don’t seem to be interested in that (their official stance).
Alternatives to Google Analytics
There are many web analytics tools and below is just a selection of popular ones that are, or can be, HIPAA compliant.
Matomo, formerly known as Piwik, is considered a good replacement for Google Analytics due to how similar it is in regards to the reports available and the user interface. It can be installed on your server or hosted by them in the cloud. Sites that use this tool include Ahrefs, Nasa, and the United Nations. Many parts of this tool are free, but you’ll need subscriptions for additional modules to make the most of it.
Piwik PRO is a closed source solution that (sort of) evolved from Piwik and so is comparable to Matomo. It can be installed on your server or hosted by them in the cloud. Pricing is not listed on their website, but is likely similar to Matomo’s as they are close competitors.
If retaining similarity to GA isn’t crucial, there are other tools that take different approaches to their reporting. Mixpanel and Pendo, for instance, are popular in eCommerce and follow a product-centric model, following user paths through the marketing funnel.
And there are some products newer to the market worth considering, like Heap, Countly, and Plausible.
Weigh Your Options
If your healthcare organization is still using Google Analytics, look into whether you are well covered in regards to HIPAA. Many of your colleagues at other orgs are currently or have recently made the jump, so reach out to them to hear about their experiences.