INSIGHTS
Inside Rock Health
Sean Day
Principal
Bill Evans
Founder and General Partner
July 28, 2025

Enabling HIPAA-safe performance marketing and analytics: Our investment in Ours Privacy

The digital marketing ecosystem is undergoing a foundational shift as third-party and first-party tracking practices face tighter restrictions from regulatory pressure and platform policy changes. Core tools and techniques are being restricted by regulations, forcing healthcare companies to either develop complex compliance solutions or abandon the tools entirely.

Healthcare marketers feel these changes acutely. Under HIPAA, healthcare organizations are legally responsible for safeguarding any health-related information that can be tied to an individual. Personal identifiers (like IP addresses and emails) combined with health-related actions (like appointment bookings) can be considered protected health information (PHI). This means healthcare marketers must limit how they collect, store, and share data—especially for advertising and analytics.

The pressure to tighten data protection is only growing:

  • In 2023 the FTC issued warnings to 130+ hospitals for improper data sharing.
  • Meta now limits use of its tracking pixel in healthcare.
  • Increasing state privacy laws like California’s CCPA and Colorado’s CPA add additional layers of complexity.

Digital health companies are feeling the consequences. The FTC has settled with five digital health companies for consumer privacy violations: GoodRx ($1.5M), BetterHelp ($7.8M), Monument ($2.5M), Cerebral ($7.1M), Premom ($100K), and Healthline ($1.6M). Class actions have followed.

Large payers and providers have also experienced major breaches when tracking tools are misconfigured. Blue Shield of California notified members that its use of Google Analytics inadvertently allowed certain member data to be shared with Google Ads. Kaiser Permanente notified 13.4 million individuals that some of their personal data was disclosed to third parties via tracking technologies on its websites and apps. And it’s not just the FTC that is taking action—state attorneys general are also stepping in. For example, the New York Attorney General settled with NewYork-Presbyterian over alleged violations of HIPAA and state laws.

Healthcare organizations need better tools to reach patients, improve services, and measure outcomes—without putting protected data at risk.

Our Investment in Ours Privacy

After facing the challenge of compliant marketing while building a national telehealth brand, the team at Ours Privacy saw a clear opportunity to empower healthcare marketers and launched a full-stack privacy solution purpose-built for healthcare marketers navigating today’s complex regulatory landscape. Ours Privacy’s customer data platform (CDP) enables healthcare organizations to compliantly collect, de-identify, and activate user data across web and application analytics tools and advertising platforms—without exposing PHI to third parties. For example, a health system can measure online appointment conversions or ad campaign performance while ensuring no sensitive user data is shared downstream. The CDP is directly integrated with a suite of privacy and marketing solutions such as consent management, audience segmentation, video and maps hosting and more, making it easy for healthcare marketers to grow compliantly. Ours Privacy has grown rapidly and is now trusted by many of the nation’s largest digital health companies, health systems and medical brands—helping them reach patients more effectively while protecting trust.

Today, Rock Health Capital is announcing our most recent investment in Ours Privacy alongside Switch Ventures, GreyMatter and TMV.

We can’t imagine a team better suited to tackle this opportunity. Jessica, Adam, and Tyler have previously led healthcare and marketing companies—and originally built the Ours Privacy platform for themselves when no viable alternative existed.

We couldn’t be more excited to partner with the whole Ours Privacy team!

Learn more about how Ours Privacy enables optimized marketing and analytics—while ensuring sensitive data never reaches non-compliant tools, or schedule a demo with the team here.

Rock Health Capital is an early-stage venture fund focused on digital health. We would love to hear from you. Get in touch!