Lately you may have heard people talking about the need for your website to be HTTPS or not just HTTP. Is this also true for Medical Practices? Is HTTPS better for HIPAA compliance? Does HTTPS cost more? How can medical practices change their sites from HTTP to HTTPS? This blog post aims to answer all these questions, so that your medical practice is informed and can take the appropriate action.
HTTP stands for "HyperText Transfer Protocol" and is the traditional way of transferring information between the website to your browser. HTTPS stands for "HyperText Transfer Protocol SECURE". As the name suggests, it is a more secure way of transferring information between the website and your browser.
You can tell by looking at the the URL bar at the top of your screen. At the beginning of the URL (on the left side), it will either say "HTTP://" or "HTTPS://".
For example, an http site will look like this:
Whereas an https site will look like this:
As a medical practice, there are two main reasons you should switch to HTTPS:
HIPAA states that medical providers should "protect against reasonably anticipated threats to the security or integrity of the information" (Source: https://www.hhs.gov/hipaa/for-professionals/security/laws-regulations/index.html). This includes the dangers of patient information being hacked. If your website collects patient information of any sort (e.g. online scheduling / online forms / or even contact forms), then you need to be taking action to protect it. Making your site HTTPS adds an extra level of security to your site, meaning that you are likely to be more HIPAA compliant.
Google has stated that sites with HTTPS will be given a slight "boost" in terms of SEO. Of course, it does not mean that you'll be top of Google as soon as you switch to HTTPS, BUT when it comes to SEO, every little helps.
So, considering HTTPS makes your practice more HIPAA compliant AND helps you appear higher in Google, we recommend that all Medical Practices switch to HTTPS. Read more about SEO for doctors.
In short, yes. You normally need to pay a fee for the SSL certificate which is required for HTTPS sites. However, this fee is usually below $200.
Changing from HTTP to HTTPS can be done in two steps:
If your site is hosted with GoDaddy, you can follow these instructions.
In terms of SEO, you may have hundreds (or thousands) of backlinks pointing to the HTTP version of your site. It would be a tragedy to lose all those backlinks! That's why it's important to set up forwarding, so that all http links automatically forward to the new https versions.
Interested in SEO for your practice's website? Please click on the link below which best matches your specialty:
Want more patients? Get your FREE e-book guide and find out how to get your medical practice TOP of Google and grow your practice.
With our guide, you'll learn: