What is SSL and why should you care?
Have you ever noticed a little lock icon and the word “secure” next to a URL in your web browser?
When you see that, it means that the site has an added layer of security called an SSL certificate. You also may notice that the URL begins with https instead of http. The extra “S” is for “secure.”
SSL (Secure Sockets Layer) is a way of encrypting websites to make them safer and less hackable. It establishes an encrypted link between the website and your browser, which allows all data transfered to remain private.
To create this added layer of security, your website needs to have an SSL Certificate installed.
For e-commerce websites — or anywhere that you provide personal information — having an SSL has long been a requirement. However, most informational websites could get away with not using one … until a few years ago.
If your site has an SSL Certificate, Google will reward it with an SEO Boost
Some expert freelance consultants, for example Freelance SEO consultant, Andy Drinkwater , who has been helping companies since 1999, explains that for the past few years, Google has been rewarding secure sites that use an SSL certificate with a slight boost to their SEO. However, as of this month, Google has also begun penalizing sites for not using SSL.
This means that if your competitor has an SSL Certificate (aka, a site URL that begins with https) and you don’t, your competition is probably going to come up higher on Google than you are.
Keep in mind, there are a myriad of other reasons why you might come up higher — securing your website is just a part of the puzzle.
Google Chrome Gets “Mad” If Your Site is Not Secure
Previously, if your site was not secure, all Google Chrome would do was display a little “i” icon. In 2017, the world’s most popular browser (aka, Chrome) began showing a much scarier red exclamation mark and the words “Not Secure” next to the URL.
Regardless of whether your website is e-commerce, informational, or personal, there’s something unsettling about seeing those words in the browser bar. For some people, it could be enough to drive them away … saying nothing about what it’s doing to your Google rankings.
The Old Way
The New Way
How do you get an SSL Certificate?
Depending on what type of web hosting package you use, a simple and shared SSL certificate may be included. If not, the certificate is always available for an additional fee.
If your website is currently lacking an SSL Certificate, please get in touch and let’s figure out how to change that. Whether you’re hosting your website through our Personally Managed Web Hosting or on some other server, we’re here to help!
Do Therapists Need an SSL Certificate to Be HIPAA Compliant?
Disclaimer — I am not a lawyer and you should 100% check with legal counsel before making any HIPAA-related decisions for your private practice website or your business as a whole.
The quick answer is yes — for your therapist website to be HIPAA compliant, you need an SSL certificate. That said, most websites for therapists do not need to be HIPAA compliant.
Here’s the question … are you housing PHI on your therapist website?
If so, you need to take more steps than just having an SSL certificate to be HIPAA compliant. However, the vast majority of therapist websites do not house PHI.
As I understand the law, your HIPAA duties do not begin until someone becomes a client. So the gray area is if someone fills out a contact form and provides PHI in that form and the data is stored on your web server, that PHI “could” be covered under HIPAA. Again, please consult a legal advisor before making any final decisions.
Having an SSL serves as a protective shield for client data. It encrypts sensitive information shared through appointment bookings, contact forms, or other interactions, ensuring that this data remains secure and confidential. The presence of the padlock symbol in the browser’s address bar also is a powerful trust signal. It communicates to visitors that the therapist takes their privacy and security seriously, thereby establishing credibility and trust right from the start.
In summary, SSL isn’t just a technical addition; it’s a vital step to protect client privacy, build trust, enhance SEO, and ensure HIPAA compliance for psychotherapists’ websites.
To dive deeper, visit the official SSL website.