Supporting & Protecting Your Customers with ADA & HIPAA Compliance

Blog // 05.30.2023


In the world of digital marketing, the question of whether your website is compliant has become hugely relevant. ADA and HIPAA are the two leading areas of compliance, and while both seek to improve the user experience on a website, each serves users in a different way. Think of HIPAA compliance as an opportunity to protect your users’ privacy, while ADA compliance seeks to support your users no matter their ability. At McD Digital, we believe that being ADA and HIPAA compliant not only ensures you’re following the rules — it also improves the customer/patient experience and can even improve your site’s performance.

Protecting Your Users through HIPAA Compliance

The goal of HIPAA is to protect users’ Personal Health Information (PHI). What is less simple is defining what PHI actually is. While PHI includes information like patient names, Social Security numbers and medical records, it can also be as simple as whether a user visits a specific page on your site.

Imagine someone goes to the pregnancy page on your healthcare site. In this case, you run the risk of HIPAA noncompliance since tracking tags can recognize that a specific user is on the pregnancy page, potentially revealing that user’s medical status. Even that information can be considered PHI protected by HIPAA.

As technology advances and data tracking becomes smarter, protecting PHI can get really nitty-gritty. In fact, most HIPAA violations are unintentional, with healthcare organizations using normalized practices that are quickly becoming noncompliant. Intentional or not, failing to meet regulations could mean a fine of up to $1.5 million, not to mention potentially breaking trust with your patients.



How to Be HIPAA Compliant

  • Sign a Business Associate Agreement (BAA) with your tracking vendor.
    • Signing an agreement with the company tracking the data on your site is a straightforward way to protect PHI. A BAA allows you to establish a legally binding relationship with your vendor with both parties committed to protecting PHI. Unfortunately, Google, the most common tracking vendor, has recently said it will not sign a BAA with website owners, making other options necessary.
  • Switch to server-side tracking.
    • Server-side tracking allows you to control the data. Add a line of JavaScript code to your site and have all the tracking information sent to server space you own. While the data is in your server, you have a chance to filter out PHI before sending it on to Google, allowing you to protect PHI while still getting helpful tracking information. Bonus: Adding your own JavaScript decreases the number of data streams, helping to improve site speed and even prevent ad blockers!
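
The filtering step described above, sketched as an added example (not McD Digital's or any vendor's code): a function that runs on the server you control and builds the payload forwarded to the analytics vendor. The field names, the sensitive path prefixes and the sample hit are constructed assumptions.

```javascript
// Added example: scrub a tracking hit on your own server before forwarding it.
// SENSITIVE_PREFIXES and all field names are hypothetical; adapt them to your site.
const SENSITIVE_PREFIXES = ["/services/pregnancy", "/conditions/", "/appointments/"];
const EMAIL = /[^\s@/]+@[^\s@/]+\.[^\s@/]+/g;
const SSN = /\b\d{3}-\d{2}-\d{4}\b/g;

// Reduce a URL to its path (no query string, no fragment) and collapse
// health-related pages into one bucket so the specific page is not revealed.
function generalizePage(rawUrl) {
  const path = new URL(rawUrl, "https://placeholder.invalid").pathname.toLowerCase();
  if (SENSITIVE_PREFIXES.some((prefix) => path.startsWith(prefix))) {
    return "/health-content";
  }
  return path.replace(EMAIL, "[redacted]").replace(SSN, "[redacted]");
}

// Keep only the referrer's host name; search terms in its query are dropped.
function hostOnly(rawUrl) {
  try { return new URL(rawUrl).hostname; } catch { return ""; }
}

// Allowlist by construction: only the fields copied here are forwarded, so the
// IP address, user ID, cookies and form values never leave the server.
function scrubEvent(raw) {
  const when = new Date(raw.timestamp);
  return {
    event: String(raw.event || "page_view"),
    page: generalizePage(String(raw.url || "/")),
    referrerHost: hostOnly(String(raw.referrer || "")),
    day: Number.isNaN(when.getTime()) ? null : when.toISOString().slice(0, 10),
  };
}

// Constructed sample hit, as the browser tag might send it to your server.
const sampleHit = {
  event: "page_view",
  url: "https://clinic.example/services/pregnancy/first-trimester?utm_source=mail&patient=jane",
  referrer: "https://www.google.com/search?q=pregnancy+clinic+near+me",
  ip: "203.0.113.7",
  userId: "u-48213",
  timestamp: "2023-05-30T14:22:07Z",
};

console.log(scrubEvent(sampleHit));
```

Building the outbound object from an allowlist, rather than deleting known-bad fields, means a field added to the browser tag later is dropped by default until someone decides it is safe to forward.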



Supporting Your Users through ADA Compliance

While HIPAA compliance is specific to healthcare sites, ADA compliance has become relevant for any website in any industry. According to some studies, lawsuits having to do with web accessibility have increased by 200% since 2008. More importantly, both businesses and website users are increasingly aware of disabled people’s right to use a website, leading marketers to agree compliance is also simply the right thing to do.

The Department of Justice has affirmed websites are places of accommodation. Just as a brick-and-mortar building should be accessible, websites should be built with disabled people in mind. Not only does this protect you from litigation that could cost you up to $30,000, but it also helps you bolster a loyal customer base since users will trust you when they see you’re trying to be inclusive to all people.

You must be thinking, “Great! But what does it actually mean to be ADA compliant?” Funny enough, the ADA doesn’t specify guidelines for a compliant website. Instead, the industry standard is to refer to the Web Content Accessibility Guidelines (WCAG). The WCAG lays out principles for website compliance that account for vision impairment, motor and mobility impairment, epilepsy, cognitive disorders, and aging.

How to Be ADA Compliant

ADA compliance comes with many factors to consider, so what do you do if you already have a website but don’t have the time or resources to totally rebuild? While redesigning with accessibility in mind can be a long-term goal, here are some best practices that you can implement now.

  • Text size: People with a visual impairment often rely on screen magnifiers and screen readers to access text. One way to help with this is to increase text size on pages.
  • Closed Captions and Alt-text: Screen readers allow people with visual impairments to access information through videos and images. To do this, include descriptive alt-text and closed captions.
  • Color contrast: Stay away from color-centered language on your website (e.g., “Required fields in red”). Additionally, choose a background color that makes text pop so that people with a form of color blindness can access your content.
  • Keyboard navigation: To accommodate those with motor impairments, ensure your site can be navigated exclusively through a user's keyboard without the need of a mouse.

McD Digital Can Help Your Site Be ADA & HIPAA Compliant

Staying up to date on compliance regulations can be time consuming, potentially taking away from the great work you’re already doing. While being compliant will ultimately allow you to reach more people, initially getting there can take a lot of time and resources.

That’s where we come in. We love the work our clients do, which is why McD Digital wants to partner with you to ensure your site is both HIPAA and ADA compliant. Here’s what we can do:

  1. We can work with you to set up a server-side tag management system. Whether through our experts at McD Digital or companies like JENTIS, we can ensure user data is sent to a server that you control, allowing you to be HIPAA compliant without having to worry about signing a BAA with Google. And don’t worry, once that data is cleared, it will be sent to Google so you can still gain helpful insight on how your site is serving your users.
  2. We recently partnered with accessiBe, an AI-powered solution to being ADA compliant. Simply install their accessWidget and when users with screen readers come across your site, they’re notified and can adjust the site to access your content in a way that fits their needs. They can adjust the color contrast, increase text size and add alt-text to certain images on the page. AccessiBe even offers regular site audits to ensure you remain aware of continued opportunities to grow.
  3. Finally, an SEO contract with McD Digital means you’ll have someone constantly monitoring your site and ensuring your site is optimized and evaluated for compliance every year as rules change.



Protect and Support Your Users

No matter your industry, your website should strive to be compliant, both to protect your business or organization and to ensure you’re reaching people from all walks of life. ADA and HIPAA compliance is a way to care for your customers or patients while optimizing your site’s performance.


Contact Jenna Ferrell at or call 309-346-6974 to learn more.
