Disclaimer: This content is provided for general informational purposes only and does not constitute legal advice. Laws and regulations governing healthcare marketing, patient reviews, and professional conduct vary by jurisdiction and may change over time. You should consult a qualified healthcare attorney regarding your specific circumstances before taking action.
Doctors review solicitation is a common search for healthcare providers who want to understand how they can legally encourage patient reviews without crossing ethical or legal lines. In our experience, physicians and medical practices often know reviews matter for prospective patients and local search results, but they’re unsure what federal and state laws actually allow when soliciting reviews or asking patients to leave feedback.
At Cohen Healthcare Law Group, we’ve spent over 25 years advising healthcare providers on compliance, online reputation management, and high-risk marketing practices. We work closely with doctors, clinics, and other healthcare practices to make sure review requests, patient feedback systems, and responses to online reviews are done carefully, ethically, and in a way that protects your practice and your license. Reach out to us today!
In this blog, we’ll break down how doctors can request patient reviews, what the Consumer Review Fairness Act means for medical practices, and why review gating, patient incentives, and incentivizing reviews can create legal risk. We’ll also cover best practices for responding to negative reviews, encouraging satisfied patients to write reviews across multiple channels, and using reviews as a compliant marketing tool that supports patient trust and informed healthcare choices.
What is Doctors Review Solicitation?
Doctors review solicitation refers to how physicians and healthcare providers encourage patients to leave reviews or provide patient feedback about their experience with a medical practice. In our experience, this usually involves review requests sent after an appointment. It could be asking patients to leave reviews on Google, a clinic website, or through satisfaction surveys. The aim of this is for prospective patients to better understand the patient experience and quality of care.
However, doctors review solicitation isn’t as simple as asking for more reviews. Healthcare practices must navigate federal and state laws, ethical guidelines, and industry standards that prohibit undue influence, review gating, or offering patient incentives in exchange for positive reviews. For instance, if a pediatric practice only asks satisfied patients to write reviews while filtering out negative reviews, that review process could raise concerns under the Consumer Review Fairness Act and state laws.
We’ve seen many patients rely on online reviews as a deciding factor when making healthcare choices, but we’ve also represented medical practices facing scrutiny for soliciting reviews the wrong way. The key is encouraging patients to leave feedback, whether positive or negative, carefully. These reviews should be done transparently, and without influencing what they say. It ensures the reviews remain trustworthy for other patients and safe for healthcare providers to use as social proof.
Legal Guidelines for Doctors Review Solicitation
In our experience, doctors review solicit questions usually come up because healthcare providers understand that referrals from other doctors and from patients are essential to growing a successful practice. Today, however, referrals don’t just happen through word of mouth. Many patients now rely on online reviews, testimonials, and social proof across Google, clinic websites, and other platforms when making healthcare choices. The reality is that higher ratings and positive reviews often become a deciding factor for prospective patients, especially in competitive local search results.
At the same time, doctors review solicitation is a regulated activity governed by both federal and state laws. Healthcare providers must comply with HIPAA, FTC regulations, and other ethical guidelines that protect patient privacy and prevent deceptive practices. For instance, even encouraging patients to leave reviews must be done carefully to avoid revealing protected health information or exerting undue influence over what patients say.
As Michael Cohen, our founder, often explains:
“Reviews can absolutely help a medical practice grow, but the moment a physician pressures a patient, offers incentives, or restricts honest feedback, the legal risk outweighs the marketing benefit.”
One major legal framework is the Consumer Review Fairness Act (CRFA), enforced by the Federal Trade Commission. The CRFA was enacted to ensure patients cannot be sued, penalized, or threatened for leaving negative reviews or honest patient feedback. In practice, this means medical practices cannot restrict a patient’s ability to write reviews, impose fees for poor reviews, or claim ownership over a patient’s online feedback, regardless of whether that feedback is positive or negative.
We’ve seen real-world examples where practices crossed the line by offering patient incentives, filtering reviews through review gating, or asking only satisfied patients to leave feedback. These impermissible solicitation practices can trigger FTC enforcement, fines, and even scrutiny from state medical boards. By contrast, permissible practices include neutral review requests sent to all patients, transparent review processes, and respect for the patient’s perspective, without steering outcomes or suppressing poor reviews.
To reduce risk, we recommend healthcare practices focus on best practices for compliance. We advise that you should obtain informed consent before using testimonials, train staff on how to discuss reviews appropriately, and avoid responding to negative reviews in ways that confirm patient identity. Working with experienced healthcare compliance counsel can help ensure your online reputation management efforts support patient satisfaction, protect patient privacy, and keep your practice on the right side of federal and state laws.
The Consumer Review Fairness Act (CRFA)
In our experience, the Consumer Review Fairness Act (CRFA) is one of the most misunderstood laws affecting doctors review solicitation and online reputation management for healthcare practices. The CRFA was enacted to protect patients and consumers by ensuring they can write reviews without fear of being sued, penalized, or silenced. At the same time, the law also protects medical practices that operate fairly and earn positive reviews based on quality care, not incentives or legal threats.
The CRFA was passed after reports that some businesses, including healthcare practices, used contracts allowing them to punish patients for posting poor reviews. Today, the CRFA protects online reviews, social media posts, uploaded photos, videos, and written evaluations from a patient’s perspective. As enforced by the Federal Trade Commission, the law makes it illegal for any medical practice to use contract provisions that restrict a patient’s ability to write reviews, impose penalties or fees for negative reviews, or require patients to give up intellectual property rights in their feedback.
As Michael Cohen often advises clients:
“The CRFA draws a clear line as patients must be free to share their honest experience. Any attempt to control, punish, or contract around reviews creates immediate legal exposure for healthcare providers.”
That said, the CRFA does allow healthcare practices to remove or prohibit reviews when they have control over the platform and the content crosses certain boundaries. For example, reviews may be restricted if they contain confidential or private information, are libelous or abusive, include discriminatory or obscene language, are unrelated to the services provided, or are demonstrably false. Importantly, a negative patient experience alone does not make a review misleading.
Violations of the CRFA can be treated like other FTC actions involving unfair or deceptive practices, which means fines, enforcement actions, and reputational damage are real risks. We regularly recommend that healthcare providers have a skilled healthcare lawyer review contracts, intake forms, website terms, and review policies.
The FTC’s Endorsement Guidelines
The FTC has its own set of endorsement guidelines that health practices need to understand. Failure to follow the guidelines may lead to an FTC complaint for unfair practices of deceptive practices.
At their core, the guidelines require disclosure of any relationship that could affect how consumers evaluate a review. For example, if a testimonial comes from an employee, a relative of a physician, or a patient who received anything of value, that connection must be clearly disclosed. Without disclosure, even a genuine positive review can become legally misleading.
Healthcare practices should review several key endorsement questions with a healthcare lawyer, including when disclosures are required, how disclosures should appear, whether testimonials reflect a typical patient experience, and what responsibility the practice has for statements made on social media. This applies not just to physicians, but to clinics, dentists, chiropractors, mental health providers, and healthcare businesses using reviews as a marketing tool.
The FTC allows practices to ask patients about their experiences and to quote those comments in advertising, as long as patients are not given a reason to expect compensation before providing feedback. Paying a patient or offering a benefit after feedback is given may be permissible, but only if the relationship is disclosed. Offering discounts or gifts in advance for “good reviews,” however, is generally a bad idea because it incentivizes positive feedback and undermines the credibility of the endorsement.
The same rule applies across platforms. If someone receives a free or discounted product or service in exchange for a review, even on just one website, that relationship must be disclosed everywhere the endorsement appears. From the FTC’s perspective, patients and consumers have the right to expect reviews are based on merit, not incentives. We recommend healthcare practices take a conservative approach, document their review process, and seek legal guidance to ensure endorsements enhance trust rather than create compliance risk.
The FTC guidelines are set forth in a series of Questions and Answers. A few examples follow:
- Can my company contact patients/customers and interview them about their experience about the practice’s services or the company’s products? Can the company ask the patient/customer to be allowed to quote the evaluations in their ads?
Yes. According to the Federal Trade Commission, healthcare practices may contact patients or customers to ask about their experience and may request permission to quote those comments in ads, testimonials, or on a website. We recommend making these requests neutral and optional so patients don’t feel pressured and informed consent is clear.
- Can the business pay the patient for using their endorsements?
The answer is that it depends. A healthcare practice cannot give a patient any reason to expect compensation or another benefit before they provide their comments. Once feedback has already been given, payment may be possible, but only if the relationship is clearly disclosed. In our experience, even suggesting upfront that comments might be used in advertising can imply a benefit and create compliance concerns.
- Can “I tell people that if they say good things about my business on Yelp or Etsy, I’ll give them a discount on items they buy through my website?”
Generally, this is a bad idea. A discount is an incentive to offer a positive review. If a discount is being offered, the discount should be clear and verifiable that the provider or company told the patient/consumer that whenever the patient or consumer posts their comments the posting should also disclose the discount or other benefit. One verifiable method is to inform the patient that the health provider will examine the site to see if the disclosure was indeed provided and that the discount is conditioned on the company seeing the disclosure on the site.
- “A company is giving me a free product to review on one particular website or social media platform. They say that if I voluntarily review it on another site or on a different social media platform, I don’t need to make any disclosures. Is that true?”
Yes. If a reviewer receives anything of value, the connection must be disclosed everywhere the endorsement appears. It doesn’t matter how the benefit was delivered or where the first review was posted. From the FTC’s perspective, readers have the right to know whether a review reflects merit or an incentive.
Additional FTC Guideline Issues
Many compliance problems don’t come from whether a healthcare practice solicits reviews, but how those reviews and disclosures are presented. The FTC makes it clear that disclosures are only effective if patients and consumers actually see them. For example, placing a disclosure at the bottom of a webpage or on a separate page entirely does little to inform readers if the review or testimonial appears front and center. We recommend disclosures appear immediately next to the review so the patient’s perspective is fully understood.
The FTC also draws firm lines around honesty and authenticity. Endorsers cannot review a service or product they haven’t actually used, and they cannot provide positive reviews if they know the care or service was poor. In healthcare, this matters because misleading endorsements can influence healthcare choices and undermine patient trust. From the FTC’s viewpoint, a glowing testimonial that isn’t grounded in real patient experience is just as problematic as a false claim.
Paid spokespeople and professional endorsers may be used, but only with clear disclosure that they are being compensated. The same applies to employees. If a staff member posts a review saying, “This clinic provides excellent care,” the FTC requires that their employment relationship be disclosed. Without that transparency, the endorsement may be considered deceptive, even if the statement is true.
We’ve seen practices receive FTC warning letters simply because they overlooked these details. That’s why we recommend healthcare providers work with experienced healthcare compliance counsel before posting, soliciting, or responding to endorsements. A proactive review of your review process can help prevent enforcement actions, forced content removal, fines, and long-term damage to your online reputation.
Additional Solicitation Issues Doctors And Health Companies Need To Consider
Doctors review solicitation becomes far more complex once you move beyond basic FTC rules and start considering ethics codes, patient vulnerability, and healthcare-specific laws. That’s why we always recommend physicians and healthcare companies review solicitation strategies with a skilled healthcare lawyer before encouraging patients to leave reviews or testimonials.
Professional ethics codes play a major role and can vary based on the type of treatment and where services are provided. Some medical boards and specialty organizations allow endorsements only if they are honest and fully disclosed, while others discourage or restrict endorsements altogether. Even when incentives are disclosed, certain practices consider testimonials inconsistent with ethical guidelines, which can expose providers to discipline beyond federal enforcement.
Mental health providers face heightened risk. Organizations such as the American Psychological Association and the National Association of Social Workers generally disapprove of soliciting reviews or testimonials from current therapy clients. These patients may feel pressured to leave positive feedback out of fear it could affect their care, making solicitation especially sensitive and potentially unethical.
Referral laws also matter. Under the Stark Law and the Anti-Kickback Statute (AKS), healthcare providers must be careful when using testimonials from referring physicians or business partners. In many cases, a safer alternative or parallel strategy is using peer or professional testimonials that do not involve referrals or anything of value exchanged, reducing the risk of improper influence.
HIPAA compliance remains a constant concern. Engaging with patients on third-party platforms like Facebook, Yelp, or Google carries the risk of inadvertently disclosing protected health information. Even acknowledging someone as a patient in a response to a review can create exposure. We recommend strict internal policies that limit who can respond to reviews and how those responses are framed.
Finally, consent is critical. While many patients are willing to share positive feedback, healthcare providers should obtain written permission before using endorsements in marketing materials. Most reviews live on third-party platforms, and a balanced mix of feedback often builds more credibility than only glowing testimonials. As a general rule, the most effective way to earn positive reviews is still providing quality, caring, and timely service.
At Cohen Healthcare Law Group, we help healthcare providers understand the boundaries between proper solicitation of patients, employees, and business contacts and deceptive advertising. Our experienced healthcare attorneys guide clients through federal and state laws so they can promote their practice carefully while minimizing compliance risk.
Effective Strategies for Soliciting Doctor Reviews
In our experience, the most effective doctors review solicit strategies are simple, consistent, and compliant. Healthcare providers can request reviews both verbally and in writing, as long as the request is neutral and pressure-free.
For example, a front-desk staff member might say, “We value patient feedback. If you’re comfortable, you’re welcome to leave a review about your experience,” while written review requests can be sent via email, text message, or a QR code on a checkout card or clinic website. We recommend training staff to keep these requests optional and uniform for all patients to avoid undue influence.
Timing matters. Review requests are generally most appropriate after treatment is completed or at a natural pause in care, when patients have had enough experience to offer meaningful feedback. For instance, asking for reviews immediately after a complex or ongoing treatment, especially in mental health or therapy settings, can feel coercive. Typically, post-visit follow-ups or discharge communications strike the right balance between relevance and respect for the patient’s perspective.
Technology can make review collection easier and more consistent. Many healthcare practices use automated review requests through online platforms, satisfaction surveys, or tools like Press Ganey to gather patient feedback across multiple channels. These systems help create a steady, compliant stream of reviews without staff selectively choosing who receives a request. From an online reputation management standpoint, this also improves practice visibility in local search results and search engines like Google.
What we strongly caution against is incentivizing reviews. Offering discounts, gift cards, or other benefits even with good intentions can violate FTC rules, ethical guidelines, and state laws. As Michael Cohen often advises clients:
“The safest review strategy is one that doesn’t try to shape the outcome. The moment incentives enter the picture, the legal risk usually outweighs any marketing benefit.”
Finally, practices should focus on encouraging honest and balanced feedback, not just positive reviews. Prospective patients often trust practices more when they see a realistic mix of experiences, and regulators look favorably on review processes that are transparent and fair. In our experience, healthcare providers who prioritize quality care, patient satisfaction, and ethical review requests tend to build stronger trust and a more resilient online reputation over time.
Navigating HIPAA Privacy Concerns in Review Solicitation
HIPAA does allow healthcare practices to ask patients to leave reviews, but the request must be neutral and must not include any identifiable health information. For example, sending a generic post-visit email asking patients to leave feedback on Google or via a QR code is typically compliant. By contrast, responding to a poor review by saying, “We explained your treatment plan during your visit,” would likely be non-compliant because it confirms patient status. According to the U.S. Department of Health and Human Services Office for Civil Rights (OCR), HIPAA violations can result in civil penalties ranging from $137 to over $68,000 per violation, with annual caps exceeding $2 million, depending on the level of negligence.
To share patient testimonials or detailed reviews, healthcare providers must obtain HIPAA-compliant written authorization that clearly explains what information will be shared, where it will appear (such as a website or social media), and that the patient has the right to revoke consent. We recommend keeping authorization forms separate from intake paperwork and documenting consent carefully, especially for small practices without dedicated compliance teams.
From a risk management standpoint, the safest approach is consistency and restraint. Train staff never to reference care details in review responses, limit who can respond publicly, and audit review practices regularly. A compliant tactic is asking all patients to leave feedback without filtering or review gating; a non-compliant tactic is acknowledging a reviewer as a patient or discussing diagnosis or service details. When handled carefully, review solicitation can support patient trust and online reputation—without exposing your practice to HIPAA violations or regulatory scrutiny.
Common Legal Pitfalls in Doctors Review Solicitation and How to Avoid Them
Below is a compliance-focused table we often use with healthcare providers to spot high-risk review practices early and correct them before they become regulatory or reputational problems.
| Legal Pitfall | Why It’s a Problem | Real-World Example | How to Avoid It |
|---|---|---|---|
| Fee-Splitting Risks | Offering anything of value tied to referrals or reviews may violate state fee-splitting rules, the Anti-Kickback Statute, or professional licensing laws. | A clinic offers gift cards to patients who leave Google reviews that lead to new patients. | Avoid tying reviews to compensation or referrals. Review arrangements carefully, especially where money, discounts, or benefits are involved. For more context, see our guidance on fee-splitting and healthcare marketing compliance. |
| Misrepresenting Reviews or Physician Credentials | Editing, fabricating, or exaggerating reviews or overstating physician credentials can be considered deceptive advertising under FTC and state laws. | A practice highlights only 5-star reviews while suppressing negative reviews or lists a physician as “board-certified” when they are not. | Use reviews as written, avoid cherry-picking through review gating, and verify all credentials before publishing testimonials or marketing content. |
| Violating Employment or Contractor Agreements | Soliciting reviews from employees or contractors without disclosures may breach contracts or FTC endorsement rules. | A staff member posts glowing reviews without disclosing they work at the clinic. | Train employees on disclosure requirements and review employment agreements before encouraging staff endorsements. |
| Unlawful Incentives or Coercion | Incentivizing reviews or pressuring patients can create undue influence and violate ethical guidelines, FTC rules, and state laws. | A doctor tells patients that positive reviews “help keep the practice open” or affect staff bonuses. | Make review requests neutral, optional, and uniform. Never offer incentives or imply consequences tied to patient feedback. |
| Failure to Document Review Solicitation Policies | Lack of documentation makes it difficult to defend against complaints, audits, or board inquiries. | A practice cannot explain why some patients were asked to leave reviews and others were not. | Maintain written solicitation policies, train staff consistently, and document review processes to show good-faith compliance. |
Best Practices For Responding To Negative Reviews
A thoughtful, compliant response can protect patient trust, improve online reputation management, and even influence prospective patients who are evaluating healthcare choices. Below is the step-by-step methodology we recommend:
- Step 1: Pause and assess the risk before responding
Before replying, determine whether the review poses HIPAA, ethical, or legal concerns. Make sure the response will not confirm the reviewer is a patient or disclose any patient information. We recommend designating a trained staff member or compliance lead to review negative reviews first, especially for small practices without legal teams. - Step 2: Acknowledge the feedback without confirming patient status
A compliant response should be calm, respectful, and neutral. For example: “We strive to provide quality care and value all feedback.” This shows other patients and potential patients that the practice takes concerns seriously, without violating privacy or escalating conflict. - Step 3: Never argue facts or correct the patient publicly
From the patient’s perspective, arguing details almost always backfires. Even if a review is inaccurate, responding defensively can damage patient satisfaction and credibility. We’ve seen many patients trust a measured response more than a perfect rating, because it signals professionalism and transparency. - Step 4: Invite the conversation offline
Encourage the reviewer to contact the clinic directly to discuss concerns. This shows accountability while keeping sensitive details out of public view. For instance: “We welcome the opportunity to discuss your concerns directly. Please contact our office.” This approach aligns with ethical guidelines and reduces the risk of further poor reviews. - Step 5: Document and analyze the feedback internally
Negative reviews are often valuable patient feedback. Track themes such as wait times, communication issues, or service breakdowns, and use them to improve the patient experience. Practices that treat reviews as a learning tool often see fewer poor reviews over time and a more consistent stream of balanced feedback. - Step 6: Avoid incentives, threats, or review removal pressure
Never pressure patients to edit or delete reviews, and do not offer incentives to offset negative feedback. These actions can violate federal and state laws, including FTC rules and the Consumer Review Fairness Act, and may be seen as undue influence. - Step 7: Stay consistent across multiple channels
Patients find reviews on Google, healthcare directories, and social platforms. Make sure responses follow the same compliant tone everywhere. Consistency improves practice visibility, supports social proof, and reassures new patients that the practice handles concerns responsibly.
Need Help With Doctors Review Solicitation?
In our experience, most doctors review solicitation issues don’t come from bad intent, but from uncertainty about what the law actually allows. Between federal and state laws, HIPAA privacy rules, FTC regulations, and professional ethics standards, even well-run healthcare practices can unintentionally expose themselves to compliance risk when encouraging patient reviews.
Taking a proactive and compliant approach allows reviews to remain a valuable marketing tool while protecting patient trust and patient privacy. When review requests, responses to negative reviews, and use of testimonials are handled carefully, healthcare providers can support patient satisfaction, improve practice visibility in search engines, and build credibility with prospective patients.
If you need guidance, Cohen Healthcare Law Group can help. With over 25 years of experience advising physicians, clinics, and healthcare businesses, our healthcare attorneys help you implement compliant review strategies that protect your reputation, reduce legal risk, and support long-term practice growth. Contact us now
FAQs
Below, we address the most common questions we hear from physicians, clinics, and healthcare practices trying to encourage patient reviews carefully and compliantly.
What Are The Legal Risks of Soliciting Patient Reviews?
The main risks include HIPAA privacy violations, FTC enforcement for deceptive practices, and penalties under laws like the Consumer Review Fairness Act if reviews are restricted or manipulated. We’ve seen medical practices face fines, board scrutiny, and reputational damage simply for using review gating or incentivizing reviews without proper disclosures.
How Can Doctors Ask For Reviews Without Violating HIPAA?
Doctors may ask patients to leave reviews as long as the request is neutral and does not include or disclose any patient information. We recommend generic post-visit review requests and extreme care when responding to negative reviews so patient status or treatment details are never confirmed.
Are Incentives Allowed For Patient Reviews?
In most cases, offering incentives creates high risk because it can be seen as undue influence and violate FTC rules or ethical guidelines. In our experience, even small discounts or gifts can undermine trust and should generally be avoided by healthcare providers.
What Should Be Included In A Patient Review Solicitation Policy?
A strong policy should outline who can request reviews, when requests are sent, how reviews are collected across multiple channels, and how staff should respond to feedback. We also recommend documenting HIPAA safeguards, prohibiting review gating, and banning patient incentives to reduce compliance risk.
How Do Federal Laws Affect Online Review Solicitation?
Federal laws like HIPAA, the FTC Act, and the Consumer Review Fairness Act directly shape how medical practices can solicit, use, and respond to online reviews. These laws are designed to protect patient privacy, ensure honest feedback, and prevent healthcare providers from suppressing negative reviews or misleading prospective patients.
Contact Us
Related Posts
