Make Sure Your Medical Practice Website Uses SSL Before the July 2018 Deadline
Google has announced that starting in July 2018, the Chrome browser (which is used by over half of all Internet users) will specifically and prominently warn users if a website is insecure. See Google’s announcement and this Search Engine Journal article to learn about the technical details.
With this change, any web page that uses HTTP instead of HTTPS will display a NOT SECURE warning. This erodes trust with web visitors, as people have come to expect to see Secure sites. The explicit Not Secure warning will further train people to think this way.
To see if your site has been upgraded to HTTPS, go to the site and look for a green lock and the word “Secure” next to your URL. You should also see the URL begin with https://, as opposed to http://.
In addition to the security improvement that this change provides, there are two other key benefits:
1. SEO improvements – Google announced back in 2014 that they were beginning to give preference to sites using HTTPS. This is only one of many ranking factors, but it is highly unusual for Google to even specify whether or not something is a ranking factor, so the fact that they did in this case indicates how important it is.
2. HIPAA compliance – an SSL certificate is one of the key components you need to have in place in order to have a HIPAA compliant form on your website. Any form that contains fields that people can type into has the potential to allow a patient to send you PHI. Even if the intention of the form is to collect other information, you can still be held responsible for a violation if a patient sends PHI and you do not properly secure their information.
Need help checking, upgrading your website security? We’re here to help!