Whether you’re operating an addiction treatment center or run a broader spectrum of services related to behavioral health disorder treatment, there’s no question your firm is scrutinized and must operate by a different set of rules as required by HIPAA in particular.


Due to the nature of drug and alcohol addiction treatment and behavioral health treatment in general, it’s important for centers to ensure all information being submitted through your website is secured and is compliant with HIPAA.

Having evaluated hundreds of rehab center sites over the years, we’ve always been fascinated by how many of them don’t take the time to lock down their sites, at a minimum, via a Secure Socket Layer which is commonly known by its acronym SSL, but has essentially been deprecated in recent years and replaced by what’s known as Transport Layer Security (TLS)

We don’t want to bore you with all the techie talk and get deep into the minutiae of the differences between SSL and TLS, and certificates vs. protocols. That would require a blog post on its own, so let’s discuss what needs to happen for your rehab center to ensure your center creates a secure environment that appeases users, search engines, and HIPAA.

First, let’s make sure users don’t see a non-secure environment upon arriving at your site. Nothing is more off-putting to an end-user in terms of security than seeing the dreaded “Not Secure” message in browsers and the corresponding message stating the site isn’t safe such as on Google Chrome as an example:

Unsecured Connection

Additionally, Analytics analysis of sites lacking “Secure” messages on their site pages have significantly higher bounce rates and exit rates in comparison to sites that do. 

Second, if your site asks for, and acquires, personal data through “Contact Us” forms and “Verify Insurance” form-type submissions and it doesn’t have the proper encryption and TLS protocols, your center can get in BIG trouble since this lack of security flies in the face of HIPAA compliance requirements.

Parting Note:

Don’t fret, people. If your site isn’t secure via certificate and secure server-level protocols, it’s not too late to get your house in order and do it fast. If you’re not sure how to do this properly or at all, don’t hesitate to reach out to our addiction treatment marketing team and we’ll help get your site secure and HIPAA compliant quickly. 


Reviewed by:

Matthew Travers
Rehab Marketing Expert

Request a Quote & Free Early-Wins Analysis

If your census isn’t at 100% fill out the form below. We’ll architect a custom strategy to get you there ASAP.