Google prompts website owners to adopt HTTPS Everywhere

Safeguarding information is important to Google and it should be important to each of us. In 2014, Google adopted HTTPS Everywhere to move website owners to secure their websites and their data.  As healthcare providers, HIPAA has strict rules on how we manage patient information and patient communications.

Many dentists use their websites to collect patient information.   Dentists want their websites to be as interactive as possible.  Dental websites collect patient data from new patients as well as from current patients.  Data collected on these forms are transmitted to the dental office in the form of an email.  Here are common forms used on dental websites:

  • Contact Us form
  • Make An Appointment form
  • Health History form
  • Dental History form
  • Financial Information form

Addressing the encryption of patient data is of paramount importance to maintain HIPAA compliance.  Adding secure socket layer (SSL) protection in the form of a SSL certificate through your website host and email host is a good place to start.  Make sure that your patient-information portals are moved to an SSL page. Restricting access to the website and data coming to your office through your website should be restricted to trusted personnel.

Emails containing patient information must be encrypted at both ends to be HIPAA complaint.  Hosting companies like Godaddy and NetworkSolutions a web.com company, have staff devoted to helping website owners with SSL certificates and encrypted email.  Contact your hosting company for a phone consultation regarding website and email security and compliance.

HTTPS Affects Your Search Engine Placement

Google has announced that it will begin penalizing websites that have not been secured. The HTTPS designation is given to websites that have been secured.  Websites with URLs that appear as HTTP:// instead of HTTPS:// will be flagged by Google as unsecured.  Google will be giving preference to secured websites in search engine placement.

So you now have 2 reasons to adopt HTTPS Everywhere:

  1. HIPAA compliance
  2. Improved Google search placement

For those of you who are interested, here is a 45 minute video made by Google explaining their “HTTP Everywhere” initiative in detail.