Cyber attacks are all over the news these days. The most recent headline-grabbing incident was a major attack at Home Depot Inc, where hackers stole some ?53 million email addresses in addition to customer data for 56 million payment cards. A similar breach occurred at Target. It’s no wonder the US government is spending around $10 billion a year just to protect military secrets, social security identification numbers, and other sensitive government data.

So should you be concerned about the security of your practice website? Google’s recent announcement that it would use site security as a ranking factor for its search engine results set off a firestorm in the über-competitive cosmetic surgery space. Internet marketing companies are chomping at the bit to get you to buy in and increase your site’s security and rankings in the process.

Many of them are pushing for conversion to HTTPS. HTPPS stands for Hyper Text Transfer Protocol Security. It’s a variation of the popular HTTP, which is used to transfer the content of web pages from the servers where web pages are stored to browsers such as Google Chrome, Firefox, and Internet Explorer. When a site uses HTTPS, the data is encrypted as it is transferred.

A False Sense of Security?

So what does this mean for you and your hard-fought rankings? In all likelihood, very little. Only when two web pages are virtually identical is security even evaluated by Google, to break the tie. But 99.9% of the time, Google doesn’t consider the security factor for plastic surgery sites.[sidebar float=”right” width=”250″]

The content on your website is already designed for public consumption, so there is no real risk of theft or hacking. As such, there is no reason Google would favor your site ?if your content is encrypted.


Yes, security is very important when confidential information is being transferred online, such as on banking, e-commerce, or even social sharing sites. The added security protects against limited types of vulnerabilities, including so-called “man-in-the-middle” intrusions such as theft of credit card or sensitive personal information. If your site is not transferring this type of information, then HTTPS offers very little. The content on your website is already designed for public consumption, so there is no real risk of theft or hacking. As such, there is no reason Google would favor your site if your content is encrypted.

And, converting from HTTP to HTTPS is not always a hiccup-free process. When a site is switched over to HTTPS, all content on the site has to come from a secure source. So, if you have a gallery that is pulled from an unsecure source, it breaks down when the site goes fully secure. The same goes for your videos, surgery simulation software, and dozens of other plug-ins that enhance your website. As much as half of your site’s functionality can break down. In many cases, rankings actually fall because the broken components of the site made it harder for Google to “crawl.”

There are many other steps—such as developing unique, high-quality content—that are easier to take, can improve your standing, and don’t have the potential to break your site.

As Daniel Cristo wrote in a recent article in Search Engine Land, saying that every site should be encrypted is akin to saying the post office should encrypt all of your mail—including birthday cards, direct mail pieces, and catalogs. Kind of ridiculous, don’t you think?

David Evans

David Evans

David Evans, PhD, MBA, is the CEO of Ceatus Media Group, based in San Diego. His column, “The Edge,” appears in every issue of Plastic Surgery Practice. He can be reached via [email protected].