Healthcare reviews: How to stay compliant and win in local SEO

10 April 2026 at 19:00

Healthcare reviews compliance in local SEO

There’s a broad consensus that online reviews — especially Google reviews — should be a top priority for businesses that rely on local customers.

Four of the top 15 ranking factors in Google Maps were related to reviews (quantity, quality, recency, and consistency), according to a recent Whitespark survey. Other surveys report that more than 80% of consumers use Google reviews to evaluate local businesses.

For most of these businesses, the solution is straightforward: ask more customers for reviews, and then reply to those reviews. However, if you work in healthcare, you’ll inevitably find that things aren’t that simple.

From soliciting reviews to responding to reporting fake engagement, medical facilities face unique dilemmas due to ethical standards and federal laws that limit review-related activities. That said, if you understand the obstacles and your options, there’s no reason you can’t be both competitive and compliant in the arena of healthcare reviews.

After working in healthcare for over a decade, I’ll share the biggest obstacles I’ve faced, along with unique solutions.

The catch-22 in mental health

Years ago, I was assisting a therapist’s small private practice with local SEO. He only had a couple of reviews, so I pointed that out. That’s when he told me he wasn’t even allowed to ask for reviews.

At the time, I was certain he must be mistaken. To my surprise, it was actually part of the code of ethics from the American Psychological Association (APA), which explicitly states therapists and psychologists can’t solicit testimonials from their clients (due to concerns of undue influence).

With that in mind, the lack of reviews was certainly understandable, but it was still a problem for local SEO. And Google doesn’t seem to make any exceptions for the mental health field.

After working with many more clients and employers in the mental health space since, this has proven to be a recurring obstacle. Mental health professionals need visibility on Google the same as any other local business, but one of the best ways to achieve that visibility isn’t even allowed in their field.

The result, unfortunately, is that the practitioners who follow their ethics rules are often those with the least visibility on Google.

The good news is that there are still ways to get reviews without crossing those ethical boundaries — although it might require utilizing some outside-the-box solutions.

Your customers search everywhere. Make sure your brand shows up.

The SEO toolkit you know, plus the AI visibility data you need.

Start Free Trial

Get started with

A case study in mental healthcare reviews

A few years ago, I started working with an addiction treatment center that had been doing well with reviews until a new local competitor opened and exceeded both the number of reviews and the average rating in less than one year (despite the client’s nearly 10 years in business).

This competitor was increasingly outperforming them in local search, so something had to be done. However, my client wasn’t sure how they could have received so many reviews without crossing ethical boundaries.

To outpace and keep up with this competitor’s reviews, we needed to secure 50 to 100 reviews and maintain a rate of at least one review per week. The problem was that the client hadn’t received consent from former patients for marketing texts or emails, and they also knew they couldn’t make soliciting reviews a day-to-day part of the clinical staff’s work.

The solution

Since the APA ethics rules primarily govern psychologists and clinicians, and because the reasoning behind the APA guidance relates to patients having undue influence, we determined that individuals who opted into alumni engagement and who were no longer in active treatment could be asked for a review (and only by non-clinical staff).

We decided it made more sense to focus on expanding the alumni program rather than facing the review dilemma head-on or in a vacuum because:

An alumni program would improve the overall patient experience and success rate, and it would be the best way to offer non-clinical experiences and interactions with other staff.
We would designate the non-clinical alumni coordinator responsible for requesting reviews, and only from alumni (no ethical concerns).
The alumni coordinator would have an in-person rapport with these patients (better for review conversion).

So, we enacted the following:

Tasked the alumni coordinator with review generation
- We didn’t create an incentive for the employee when they got reviews (I’ve never seen much success with that tactic anyway). Instead, we simply made it part of the job description and set the expectation that getting reviews every week was part of the gig.
- Now, we didn’t truly “enforce” this rule per se, but we did track it. When more than two weeks went by without any reviews, we would follow up with the alumni coordinator to see how things were going. Over time, the need for these check-ins decreased, and requesting reviews became part of the job.

We made an online alumni group and QR code cards
- When someone graduated from the program, they would be encouraged to stay involved with the alumni community. The patient would be given a QR code to join a private online group to stay current on upcoming events.
- We also included a QR code for finding the phone number and driving directions to the facility (via a link to the Google Business Profile), making it easy to find where to leave a review if they felt inclined.

When an alum verbally said they would leave a review, we texted them a link
- In my experience, most people will leave a review if you ask and make it easy to do. Many clients will agree to leave reviews, but unless you explicitly show them how, there’s rarely follow-through. It just might not be a priority for them, so they forget or put it on the back burner.
- Simplifying the review process worked well. A direct link sent via text drove higher completion rates — no questionnaires, no review gates, just a straight path to the Google Business Profile.

The result

In less than a year, we were able to generate 100 new reviews, outpacing the competitor. The average rating also improved from 4.6 to 4.8, which was also better than the competitor.

In the second year, an additional 100 reviews were gathered, which meant we generated more reviews in two years than the first nine years of business combined.

Healthcare reviews - Case study results after alumni check-in

Healthcare reviews - Case study results as of January 2026

As of February 2026, the facility is just shy of 500 reviews, still averaging at least one review per week — without crossing any ethical boundaries.

If you want to duplicate this review strategy, here’s the summary:

Review owner: Designate a non-clinical staff member responsible for reviews, such as alumni coordinator (and make a review count goal part of their role).
Review trigger: Alumni event attendance or joining the alumni community.
Request methods: In person.
Request delivery: Print materials with QR codes for patients to stay in touch, find the Google Business Profile, and consent to communications, followed by a direct link via text to leave a review.
Tracking: Weekly review count. Follow up with the review owner when the weekly goal isn’t achieved.

For third-party agencies and freelancers: If you help a healthcare client with an SMS service or share information about patient identities in any way between a “covered entity” and a third party, there should be a business associate agreement with those third-party vendors.

What not to do when generating reviews:

Don’t ask current mental health patients for reviews.
Don’t “gate” reviews (it is against Google guidelines, and it reduces conversion).
Don’t pressure or coerce clients or patients to leave a review.
Don’t incentivize staff or clients to leave reviews.

What if you’re a solo mental health practitioner?

If you’re a therapist or psychologist who can’t rely on non-clinical staff to request reviews, you aren’t without options. Some other things I’ve had success with include:

Reducing friction: Instead of an explicit “ask,” you can provide a QR code at checkout or a link in your follow-up emails that directs patients to your Google Business Profile for “Directions and Information,” making it easier for patients to leave a review if they are inclined to do so.
Leveraging aggregate data: If you are in a high-sensitivity field (like behavioral health), you can also publish aggregate client satisfaction scores or patient outcome reports on your website and review platforms. While it may not have the same ranking impact as reviews for local search, it will provide similar social proof without the ethical questions.

Get the newsletter search marketers rely on.

See terms.

Review replies and HIPAA compliance

In addition to getting reviews, replying to them is also important. While medical businesses can post replies to reviews, the subject matter in their response is regulated.

Merely acknowledging that a reviewer was a patient could be a risk under the Health Insurance Portability and Accountability Act (HIPAA) — even if the patient had already revealed as much in their review. That’s because HIPAA only regulates what providers share.

Patients are free to share whatever they like about themselves online, but that doesn’t change the provider’s legal responsibility to protect health information. (One California hospital learned that the hard way in 2013 with a $275,000 settlement after a spokesman commented to the media, stating that a patient’s medical records contradicted their own accusatory Yelp review.)

Generally, you should avoid acknowledging that the reviewer was a patient to remain compliant under HIPAA. Instead:

Focus on policy, not the person: Keep the response focused on general facility policies and practices around the complaint rather than the reviewer’s exact situation.
Move the conversation offline: Provide a direct line to a patient advocate or office manager.
Avoid confirming status: Even if a patient says, “I was there yesterday,” your reply should never say, “We enjoyed seeing you.”

While not legal advice, here are some example templates I often use when replying to reviews:

Negative review reply template:

“Privacy laws prevent us from confirming or denying whether any individual is a patient at our facility. However, we take all feedback seriously. Our policy regarding [insert issue] is [insert general policy]. If you would like to discuss a specific experience, please contact [insert contact instruction].”

Positive review reply template:

“Thank you for your kind words. We appreciate you taking the time to share feedback.”

Why these work:

These avoid patient status confirmation.
For negative reviews, it explains why you can’t respond directly and offers an alternative way to discuss their concern in detail.

Reporting reviews and HIPAA compliance

You also can’t tell Google whether someone was a patient. This applies when reporting a review as fake engagement — claiming someone “wasn’t a customer” can be risky if you’re a covered entity under HIPAA.

Instead, focus on other types of review violations. One of Google’s review policies regarding “misinformation” can be helpful in the healthcare industry.

For example, I once had a client who received a review claiming the medication they were prescribed wasn’t safe. This was totally false and easy to prove since it was FDA-approved. Google ultimately removed the review when this was pointed out.

Some of the other Google policies that can lead to the successful reporting of healthcare reviews include:

Offensive content, such as unsubstantiated allegations of unethical behavior or criminal wrongdoing.
Personally identifiable information (PII), such as the use of the first and last names of staff in the review.
Off-topic, such as leaving a review for a different facility or location.
Repetitive content, such as posting the same review from multiple accounts or the same review on multiple locations.

When you report reviews to Google, be sure to:

Correctly identify and list the policy category.
Quote the exact offending line from the review.
Provide evidence and explicitly explain why it violates the policy.
Avoid reference to the reviewer’s relationship to the facility.

See the complete picture of your search visibility.

Track, optimize, and win in Google and AI search from one platform.