Is Your Hospital Website Secure Enough for Google in 2017?
With 2017 only a few days away, there will soon be a very clear distinction between all hospital Websites: those that have TLS/SSL encryption security and those that don’t.
This distinction is not just a matter of whether or not your hospital Website uses TLS/SSL because of its implied security benefits, but it may soon have influence on your SEO rankings and how confidently Google’s Chrome browser presents your Website to visitors.
“But, wait, how do I know if my hospital Website—or any Website—is secure?” you might be asking yourself right now. It’s simple:
• Open your Chrome browser
• Type in your hospital Website address
• Let the page load
• Look for the icon that appears in the address bar to the left of the URL
Do you see a green lock icon in the address bar? If yes, and if the Website is yours, congrats, your hospital Website is secure! Do you not see it? Well, as you can guess, your Website is not secure.
Another way to check is to look at the complete Website address (URL) after it loads. Do you see a “https://”? If so, it should be secure (but this is not a hard and fast rule, as it depends on whether or not the security certificate is valid). Otherwise, if you only see the more common “http://”, then you can be certain that it not secure.
In this context, you are likely in one of two very distinct camps of hospital Website administrators and online healthcare marketers: those that understand what any of this means (and what to do about it) and those that don’t.
If you are in the latter camp, you’ll want to read this. But even if you are in the former and haven’t yet made a decision or taken action, you might also want to read on!
Google Chrome to ‘Shame’ Unsecured Websites in 2017
Although Google first announced that it would start giving more SEO juice to secured Websites in 2014, it was uncertain about how much impact this new Google ranking signal would actually have.
As virtually anybody that is responsible for their hospital Website SEO knows, there is never any one specific ranking signal that makes or breaks your Page rank, SERP positions, etc.. Rather, it’s a combination of factors and often some unknown algorithm change that you don’t discover until well after the fact!
Although still very much up for debate, SEO analysts indicate that the TLS/SSL impacts on ranking are typical in that although it might not hurt you if you don’t integrate it into your hospital Website SEO strategy, there is evidence that it can help you if you do.
However, on January 1, 2017, Google will enact a very explicit change that could make a direct impact: It will begin “shaming” Websites that don’t have TLS/SSL certificates by adding a “NOT SECURE” notice to where you’d normally just see the small icon that indicates security status. This will initially only affect Websites that collect passwords or credit card information, but will eventually affect all “http://” Websites.
At any Website, visitors are more likely to turn away or not return if they feel that their online security is at risk. Obviously, that not only hurts the SEO, but also the overall ability of the Website to fulfill its goals and objectives.
But for hospital Website visitors, that sentiment is likely to be even stronger, no matter if they are just casually browsing to compare you to another hospital they are evaluating or if they are intending to make an appointment or share other personal information.
Securing Your Hospital Website: What are TLS/SSL and Certificates?
Naturally, you want to do everything you can to make your hospital Website visitors feel secure in their online experiences and to relate them positively of your brand. Fortunately, making your hospital Website secure enough for Google Chrome in 2017 is not too difficult to achieve.
Without getting into a lengthy examination of how the Internet bridges a visitor to a Website or what the “TLS” or “SSL” acronyms mean or how “TLS/SSL certificates” work, the simplest explanation is your hospital Website visitors’ connections are either encrypted (secure) or they are not. If they are encrypted, it means that nobody can see the data that is passing between them and your Website. “TLS/SSL” is the technology that enables a secure connection; a “TLS/SSL certificate” is what actually binds the visitor and the Website securely.
But What About Mixed SSL Content?
“Mixed SSL content” means that you have some pages with TLS/SSL security and others without. If your hospital Website has mixed SSL content, you’ll need to update it so that the entire Website is secure. Otherwise, you can expect to get the unwelcome “NOT SECURE” label.
How to Convert Your Hospital Website to TLS/SSL
If you are now convinced that converting your hospital Website to TLS/SSL encryption is a best practice that you want to adopt, doing so can be a relatively simple process:
1. Request that the company hosting your site provide you with a Certificate Signing Request (CSR).
2. Visit your domain provider (e.g., GoDaddy) and purchase an SSL for three years or more.
3. Upload the CSR when prompted.
4. Download the SSL certificate, and send it back Web hosting provider.
At some point during this process, you may be asked about what type of SSL certificate to generate. You will likely be given with three options, each with increasing benefits:
• Domain Validated (DV) Certificate: Verifies your ownership of the domain
• Organization Validated (OV) Certificate: Proves that you own the domain and that your organization is legitimate (verification process that you are a legitimate business)
• Extended Validated (EV) SSL: Offers the highest level of assurance to your customers (applicants must pass an extensive vetting process)
When choosing a certificate, be sure to find out if it covers one domain or multiple sub-domains.
Once you acquire and install your TLS/SSL, you will now be able to provide a much more secure experience for your visitors and avoid any negative SEO or Chrome impacts.
As Sequence Health’s Associate Director of Search Engine Marketing, Susan Gullion is one of our most knowledgeable resources for enhancing our healthcare clients’ search engine marketing strategies with SEO, PPC and social media.
If you already host your hospital Website with Sequence Health, we can guide you through the process of selecting the best SSL certificate. For more information about hosting and other healthcare Website services, please contact us.