Credibility is Everything in Marketing for Healthcare & IT Security: Why Marketers Can’t Afford to Cry Wolf

Andrew Moravick

Healthcare IT News reports that “in the next five years, healthcare will be the biggest target” of malicious cyber-attacks. Given all the legal, technical, and procedural complexities around IT security and cybersecurity efforts, it’s not exactly the easiest of arenas in which marketers can engage.

Moreover (but with a little less tech-heavy context), this looming threat essentially places healthcare in the world of The Boy Who Cried Wolf parable, or for a more modern example, on Amity Beach right in the middle of Jaws.

Enough nightmare-scenario cyber-attacks have already been witnessed --one of the worst being in 2015 when nearly 80 million customers of an insurance provider were impacted by a breach – to give the mention of a security threat the same kind of primal, instantly-alert-and-ready-to-run response as “wolf,” or “shark!”

Undoubtedly, security considerations will strike up plenty of attention from healthcare professionals. If, as a marketer, you can garner that attention with credible, value-oriented messaging of avoidance, preparedness, or even real-time updates or expert guidance, your marketing communications become a part of your customers’ and prospects’ support structure. They will listen to you and believe you because you’ve demonstrated reliable knowledge and timely value.

The other side of the coin, though, is that there’s no room for cyber-security click-bait, inflated claims, or self-serving tie-ins from real concerns to tangentially related product features or offerings.

To your buyers, it doesn’t matter if it’s just an honest mistake – you thought you had a fair enough understanding of security to make a credible appeal, but you just missed the mark – or an intentional exploitation of a topic to which your audience is programed to react; it’s a breach of trust. You’ve become the brand who cried wolf. You’ve distracted the shark-spotters with a phony fin.

While there’s plenty of room for marketers to tell meaningful, intriguing stories around the intersections of healthcare information and technology, and security, the point of this post is to offer up a simple, cautionary preamble. You need to know that the standards are higher in healthcare and security and the consequences of missteps carry more weight.


Always ensure the form of the security-related message serves a valuable function for your reader, and one you know you can deliver.

Again, the function of this post is simple: emphasize caution for marketers seeking to explore security topics in healthcare. Whether you find a post like this a little obvious or a little sobering, as long as it prompts or reinforces caution, it works.

Avoid security-themed messaging when the probability or impact of being wrong is too high.

In other words, don’t go out on any limbs that won’t support you. If you can’t speak to a security topic confidently, don’t, or if you must, quote an expert who is confident. If being wrong will crush your credibility, don’t go there.

Accept that your messaging must tolerate facts and thoughts from other brands or thought leaders.

While sharing the spotlight might seem like an unacceptable concession in other marketing efforts, in the security world, consensus on best practices and validation via thorough research is often table stakes. What you may say might, by necessity, echo what many other experts or studies say, but in accepting that cost, you can invest time and effort to differentiate yourself in how you say it.

Mitigate negative reactions to messages where negative reactions are unavoidable.

For healthcare technology marketers, especially those who are marketing new or innovative security-related offerings, taking a provocative position on a security topic may be unavoidable. The new technology may require a new kind of thinking. There may be a concept at work that’s been hotly debated. If the likelihood of debate or dispute is high, though, you can mitigate the impact of such negative reactions by leaning into existing dynamics. Facilitate debates among experts on related concepts, open up for comments in things like blog posts or webinars to welcome differing viewpoints. If you expect and even welcome disagreements, you’re still demonstrating a respectable level of understanding for the space – the debates or discussions you welcome are the ones that need to be had.

Transfer your talking points to topics you can talk to effectively.

Sometimes, there’s no escaping a security discussion. You might be at an industry event, just trying to learn, but by some stroke of luck / fortunate misfortune, a respected security expert or industry influencer is sitting at your table, or is a part of a conversation you’re listening to, and she or he asks you “what do you think?” You have to represent your brand and yourself well enough to some degree, so you have to say something. A healthy conversation would likely be an in-road for your brand, maybe even an opportunity to gain a contributor to you blog.

Your best bet is to cover any security-knowledge liabilities by shifting gears to something you know in and out as a marketer. It’s much easier and safer to bank on your communication skills, and not your security expertise.

Honestly relate what you may know of email deliverability and privacy compliance from your stated job function. “As a marketer, my primary concerns around security are…” 

In a pinch, you can also tell or cite a story (maybe a howling parable or a biting pop culture reference) that you can relate to security, but which doesn’t depend on you being a security expert. If that expert likes you and your story, and is open for further conversations, you’ve done all you need to. Definitely, though, avoid the high risk/ low reward scenario of trying to be a know-it all with someone who may actually know it all (or most of it) when it comes to security.

Ultimately in healthcare technology marketing, there will almost always be some kind of security question to answer. The marketers who can credibly create content -- either directly with internal expertise, or with trusted external contributors and thought leaders -- to answer such questions position their brands as trusted resources for their buyers. These are marketers who are sentries for their audiences – eying things that may be stalking in the shadows, and giving alerts as needed, but never being known for “crying wolf.”

At HIMSS Media, privacy and security coverage is a core topic for our Healthcare IT News, Healthcare Finance News, and Mobihealth News publications. Recently, we also announced a sponsorship agreement with RSA Conference 2019. If you’re looking for ways to enhance your brand’s voice around healthcare information and technology and security topics, contact us today!

About the Author

As a Senior Marketing Manager for HIMSS Media, Andrew Moravick leverages extensive B2B & B2C marketing experience to oversee and optimize HIMSS Media's content marketing and demand generation efforts. In previous roles, Andrew has worked for Aberdeen Group, Snap App, PUMA, and Eloqua.

More Content by Andrew Moravick