Healthcare Mode
HIPAA-compliant attribution and ad optimization for healthcare businesses
Healthcare Mode
Atribu's Healthcare Mode enables HIPAA-compliant attribution for dental, medical, mental health, and other healthcare businesses that advertise online. It protects Protected Health Information (PHI) while still allowing you to measure which ads drive real revenue.
Why Healthcare Mode exists
Meta and Google ban healthcare ad accounts that send health-related data through their conversion APIs. Healthcare Mode ensures that only safe, scrubbed conversion signals reach ad platforms — while Atribu still tracks the full customer journey internally for your attribution reports.
How it works
Healthcare Mode changes the export behavior from blocklist (send everything, block specific things) to allowlist (block everything, only send what you explicitly approve).
| Layer | Standard Mode | Healthcare Mode |
|---|---|---|
| Internal storage | All events stored | All events stored (unchanged) |
| Export policy | Blocklist — send all, block specific paths/params | Allowlist — block all, send only approved event types |
| PII stripping | Configurable per field | All fields stripped (IP, UA, referrer, page title, external IDs) |
| Meta LDU | Optional | Always enabled |
| URL handling | Full URL sent | Origin only (path stripped) |
| Stage transitions | Exportable | Blocked from export |
| Legal gate | Optional | Required — BAA must be signed before any export |
Legal stack
Healthcare Mode includes a complete legal stack:
- Data Processing Agreement (DPA) — governs how Atribu processes personal data on your behalf. Read the full DPA.
- HIPAA Business Associate Agreement (Annex F) — the BAA annex that applies when you handle PHI. Read Annex F.
- Click-wrap acceptance — accept both documents electronically when enabling Healthcare Mode.
Who should use Healthcare Mode
Enable Healthcare Mode if your business (or your agency's client):
- Is a healthcare provider (dental, medical, chiropractic, mental health, etc.)
- Is a health plan or insurance entity
- Handles Protected Health Information in any form
- Runs ads where conversion data could reveal health conditions (e.g., booking a dental implant consultation)
When in doubt, enable it
The only downside of Healthcare Mode is reduced ad optimization signal density. The upside is avoiding a HIPAA violation or Meta account ban.
What's next
- Set up Healthcare Mode — step-by-step activation guide
- Configure the export allowlist — choose which events reach ad platforms
- Migrate existing accounts — switch from standard to HIPAA mode