This week on the HIPAA Insider Show, it’s Part 2 of our essential plugin series—this time focused on performance. A fast, responsive site isn’t just good UX; it’s a critical piece of patient trust and SEO. We dive into caching, image optimization, and server-level tools to keep your healthcare website blazing fast and rock solid. Plugins reviewed include WP Rocket, Imagify & Perfmatters.


Transcript

Adam Zeineddine

Hello and welcome to the HIPAA Insider show by HIPAA Vault. My name is Adam Zeineddine, your co-host, and joining me as always is Gil Vidals, CEO and founder of HIPAA Vault. Hey Gil, how you doing today?


Gil Vidals
Doing great Adam. I’m looking forward to our conversation today.


Adam Zeineddine
Third part today of three parts. So we’ll come into the final part here. The first two parts. The first one was we focused on Healthcare and WordPress and plugins for security. The second part was plugins for performance on WordPress. And our final part today we’re going to be talking about functionality, which is very important as well. So we’re going to be diving into some healthcare specific tools and plugin functions that you can use for your WordPress site. Yeah, definitely. So let’s dive into the plugins and we’re going to actually start with themes. Gil. So the first section, we’re going to be looking at medical themes. So Astra is at the top of the list. Wpastra.com is what we’re reviewing here. They have a number of different themes specific to healthcare.


Adam Zeineddine
If you go under business and services, you’ll see healthcare and wellness, doctor, hospital, dentist and dental, medical clinic, therapist. You name it, they’ve got it. So we just click on let’s say medical and clinic and then you’ll see a bunch of options for that and then you can go and do a live preview. Gil, could you talk a little bit about themes in general and why they’re so useful?


Gil Vidals
Well, themes are really a great way for a medical practitioner to pick out a theme that’s oriented for their practice. So if you’re a therapist, you have themes that are specific to therapists and they’re really ready to go. I mean, that’s the beautiful part. They look professional, ready to go. And how much are they worth? I mean, well, think about how much does it cost to design a theme? You know, you’re talking $5,000 easy. And a lot of these themes, you can get them for $50, 25. So you could pay more. I mean, there are themes that can cost over a hundred dollars, but the payment for these themes is kind of interesting. Adam, some of these themes sell based on how many they’ve sold. Like if you want to be one of 10 people that owns it, you’re going to pay more money.


Gil Vidals
If you don’t care, if you don’t care that other people are using the same theme, then maybe you don’t pay very much at all. Maybe pay five bucks. But theme developer has to make money too. So the way they make money is if they’re going to take theme off of their website because they’ve sold it to five people, you’re one of those five. Let’s say that you’re going to pay more money. You might pay, you know, $150. So themes save you time and they save you money. They look professional and they’re right up your alley as far as your particular medical practice. So I, I really think themes are great for all those reasons I just said, especially saving you time.


Adam Zeineddine
Yeah. And the pricing here is listed. It’s not like you said, starting at $49 and then you have a business toolkit that’s $149. And depending on whether you’re a healthcare marketing agency or you’re, you know, a startup clinic, there’s going to be a plan for you. Moving on to the next theme, Medicenter. And by the way, none of these are sponsoring us. It might sound like that, but this is, these are all themes that just come up a lot because we do HIPAA compliant hosting for websites. We help customers secure the hosting of the website and these things come up because we work with developers a lot. Medicenter, as the name suggests, built specifically for clinics, including timetable and booking elements in there as well. And we’re gonna talk about booking and forms a little bit later but this one has everything included.


Adam Zeineddine
So Medicenter theme through the Envato market, if you go to purchase theme, you can see 69 for the regular license and then you can get an extended license.


Gil Vidals
The extended license says used by you or one of your clients in a single end product which end users can be charged for. The end user means those that are using the website and the services the website provides.


Adam Zeineddine
Yeah. So I think this could be useful for let’s say if it’s a healthcare marketing agency and they have a lot of clinics that they’re building the site for, this will be a very good way for them to have the extended license to add more and more clinics. They’ll get a similar look and feel with some customization and then they can scale the license that way.


Gil Vidals
Yeah, that’s great because that would be like, let’s say the agency has 10 customers. So they say, well 2009, 50 divided by 10, that’s just under $300 per customer. And I guarantee the agency is going to be charging a heck of a lot more than $300 for creating their site. They’re going to charge many thousands of dollars. So it’s a great deal for the agency or the owner. It doesn’t have to be an agency. It could be an owner that owns a lot of clinics.


Adam Zeineddine
Yeah, absolutely. So we looked at Astra, Medicenter, and now we’re just going to touch on general themes and where you can purchase them if you don’t like how customized those themes are. There is a general market, themeforest.net, Gil, is one that comes up a lot. It’s a marketplace for WordPress themes, whether it’s healthcare or other than healthcare. That’s a good place to go.


Gil Vidals
Yeah. How many do you have under the healthcare category? Are you getting a lot?


Adam Zeineddine
Let’s see here. WordPress.


Gil Vidals
See Healthcare.


Adam Zeineddine
Yeah, there’s 331.


Gil Vidals
331 under Healthcare. That’s a lot. So, so basically the moral of the story is there are many, many WordPress clubs. They call them or stores, and you can find hundreds, like in this case, 331 medical. Medically oriented WordPress themes. And I guess one thing we didn’t mention, Adam, at the top of the call, is probably worth talking a little bit about for our audience. What do we mean by a theme? Yeah, so the WordPress site, the way that WordPress works is you get the look and feel of the site. By look and feel, we mean the font, we mean the style, the images. That’s theme. And theme is something that is the same throughout the whole site, the homepage and all the interior pages.


Gil Vidals
So once you have theme, the header, the body, the footer, the look, feel, font, color, all of that is called theme. Once that’s done, then you’re just basically backfilling the page content. That is, you’re adding your own images, you’re adding your own content. So that’s what we’re talking about. That’s theme. And these clubs, these slash stores, boy, they popped up and there are so many of them. Interesting little tangent, Adam. I know we didn’t plan on talking about that, but we could give it a mention that we could talk about it in depth later. But it’s possible now if you’re a good prompter of AI, you could use the AI to steer the AI to create your own theme.


Gil Vidals
You could tell the AI, for example, you know, I want you to create a WordPress theme for me that’s medically oriented, describe your desire, the look and feel, the business you’re in. You could even say, draw, let me see a picture of theme. You could say, show me three renditions of this theme for a therapist or whatever through AI is another way where you could do it. Now, that would be more frustrating if you haven’t used AI before or you haven’t used it very much. I wouldn’t recommend just thinking, oh, well, Gil and Adam said I could make this great theme if I use AI. No, with AI, you have to know how to drive it properly to make a good one. And maybe we could do that.


Gil Vidals
Another podcast is actually do one of those in a session with AI and we can show the audience how to properly steer the AI in the right direction. But. So that’s another way to do it. But I would. For a quick win, where you want something that you pay for that has support, say you buy theme, you’ve installed it, you like, it looks a little funky, out of alignment. Well, if you buy it, you could go back to the author and say, hey, Mr. Author, there’s a small bug in your footer of your theme and they’ll fix it for you. But if you get a free theme or you paid one buck, you know, what kind of support do you think you’re going to get for a buck?


Gil Vidals
You know, you get what you pay for, so don’t expect a great support if you don’t pay anything for it. So that’s why I always, I highly recommend, especially if you’re a professional, your time is limited. Pay for the plugins, pay for themes, and you’ll be much happier because you’ll have a professional site with commercial support, which you’re going to need from time to time.


Adam Zeineddine
Yeah, definitely. On your suggestion about building a website using AI listeners and viewers, if you’d like to see that, hit the like button. And if we get many likes, let’s say we get 25 likes on the video, we’ll go ahead and do that for you. How about that, Gil?


Gil Vidals
That sounds good to me. I think it would be fun to do.


Adam Zeineddine
And give us a subscribe while you’re at it. Okay, so moving on to the second section. So we discussed themes. We’re going to talk about booking plugins or scheduling plugins. And the first on our list is WP Booking Calendar. Before we dive into it though, Gilbert, could you discuss the use cases here? I mean, I suppose at a high level it’s pretty obvious if someone on the site wants to book an appointment, right?


Gil Vidals
Yeah, for booking appointments. I think there’s a lot of these booking, scheduling type of plugins. I personally, Adam, use Calendly for my appointments because Calendly ties into my Google Calendar and it shows exactly when I’m available. So when someone wants to meet with me, I just send them the calendar link and they pick a time I’m available, they schedule it. So if somebody uses Calendly, I’m sure that WordPress has a plugin that would be integrated with Calendly or with your Google Calendar. So that’s something you want to pick, something that’s integrated and works with your calendar. Maybe you’re an Outlook SharePoint shop and that’s what your technical platform is, a Microsoft Outlook. So find a plugin for scheduling that merges and integrates with your Outlook calendar. But if you’re a Google shop, and by shop I mean it’s your preference, right?


Gil Vidals
Your whole business is centered around either Google or Outlook. Those are the two big ones. So if you’re more into Google, then find a plugin that will use the Google Calendar for your practice and make sure that it only allows scheduling for those days that you want. And it won’t schedule it on a Sunday if you don’t work Sunday, it won’t schedule it on the holidays if you’re off the holiday and so on. So you want to look for the integration, you want to make sure that this scheduling plugin is integrated with your back end calendar.


Adam Zeineddine
Yeah, yeah, definitely. And I think Calendly is a very popular tool. As you said, we use it internally. One thing to make a note of is whatever tool you’re using, does it have a plugin in WordPress? The last time I checked and I just did a quick check here now as well, they don’t have a plugin for WordPress, so you’d have to manually embed the code into the WordPress site. Which is all well and good, your developer can do that pretty easily. The issue is if you have patient data, you want the data to be stored rather than being stored on Calendly’s website or database somewhere. You want it to be installed in the WordPress database. So I would recommend going for a plugin that is for WordPress. And so what we’re reviewing here is WP Booking Calendar.


Adam Zeineddine
And that is, yeah, it is a plugin built. There’s a, a free version, there’s pricing there as well. And it is, it is very good. We’ve got a lot of our customers that say very good things about it. Again, not sponsored if they’d like to please reach out to us. Yeah, so there’s a personal version for $39 a month and then it goes up to $349 for the multi user. Let me just double check if that’s per month so. It’s 39 every six months. Yeah. And that includes the. Yeah. And then the neck. Any, any comments there on WP Booking Calendar, Gil?


Gil Vidals
I don’t have any additional ones, just I, I do recommend that you try at least two. I mean WP bookings like Adam said has good recommendations but that’s not the only one. There are dozens and dozens of these. So spend an hour maybe if you don’t have an hour, spend 20 minutes. But look at least two of them. Okay. Bookly number one WordPress appointment booking plugin. Yeah, that’s a popular one. Obviously the bigger ones that have more money behind them, more developers and they have more features. But sometimes you know how it is in the world of software. Sometimes you get inundated with a million features and all you need is something very simplistic and all of these features just clutter everything and it gets too complex.


Gil Vidals
So if that’s your situation, you say you’re a one man band, a one woman therapy clinic and it’s just you. So you probably don’t need anything crazy complicated. You could find a simple one that will do the job just fine. So keep all of that in mind. Now you may on the other hand, maybe you’ve got a very busy practice with all sorts of shifts and you may want something that is more complicated that can text the customer after the calendar items made and make sure send them a reminder. Don’t forget you have the appointment tomorrow at 2. If you need to cancel, hit the button C. I mean it can go on and all the features. So think about it ahead of time, what is it that you want? And then find that plugin that meets most of the features you’re looking for.


Adam Zeineddine
Yeah, and the Bookly plugin, there’s a lifetime free option Bookly Start that allows you to schedule unlimited appointments up to five services. So services meaning different types of medical services. In this case you can have five different ones. You essentially I would say that would equate to on Calendly, Gil, something like types of calendar event. Right. You can have a 15 minute discovery call, you have a 30 minute with a bunch of team members on it, etc., etc. Or if you’re a larger clinic, there’s Bookly Pro, which is $33 a year, so very affordable. And again, the key here when it comes to HIPAA is to ask the question, whatever booking tool that you’re using is, can the data, which in this case would be patient data because it’s patient scheduling the appointments, can that data be stored securely in the WordPress database?


Adam Zeineddine
And that’s where HIPAA compliant hosts like HIPAA Vault, which myself and Gilbert represent, are where they come in. So hosting the WordPress site securely can be done. And if the scheduling plugin allows for the data to be stored in the WordPress database, as opposed to with the booking plugin’s servers in the cloud somewhere else, then yeah, it can be made to be HIPAA compliant.


Gil Vidals
Yeah. And I would like to emphasize what you said, Adam, that it’s a misconception sometimes where people think, hey, is this plugin HIPAA compliant? Well, WordPress core, that’s the core function of WordPress and all the little plugins that you add to it, all of that should be in a HIPAA compliant environment. So what makes the software HIPAA? Part of what makes a software HIPAA compliant is the environment where it lives, right? You can live in a good neighborhood, you can live in a bad neighborhood, right? You have a choice. What kind of neighborhood do I live? Well, you wanna live in a good neighborhood. That’s like living in a HIPAA compliant when you have to move yourself and your family into that neighborhood. So the same thing with software and plugins. If you move your plugin into a bad neighborhood, it’s not HIPAA compliant.


Gil Vidals
If you move it into a good neighborhood, it’s HIPAA compliant. But the software itself also has a HIPAA compliant component. What do I mean by that? Well, the plugin may be designed in such a way that it’s easy to exploit and hack. So that’s why you want to find a provider, a plugin author that has multiple versions, that have a history where it says security update, patches, updates. That’s the technical term for, hey, I found a vulnerability and I fixed it. So you want to see that kind of history. And you can only find that at the author’s website. You go to the website, click on releases and you can see all the releases. You can quickly just eyeball, you don’t have to read every line, just eyeball it and say, oh, they’ve been around for a couple of years, they have 10 versions.


Gil Vidals
And I see they’re mindful they’re updating it regularly, not once every two years, but every quarter at least they have an update. Those are all good signs. That’s not a guarantee though. We’ve never said that’s guaranteed, but it’s a good sign. Very promising. That likely that plugin will be, from an application point of view, will be a safe plugin. Yeah.


Adam Zeineddine
Stay secure moving forward. Definitely. In the final part of the functionality section that we’re going to talk about today, we’ll just go briefly over this, Gil, is forms because we have done a number of detailed deep dives into forms in the past. So we’ll just gloss over a couple of them or not gloss over, we’ll just touch on a couple of them. WPForms, a well known form plugin out there and then the other one is Contact Form 7. Both offer free options and then there’s also paid supported versions of the plugins and they’re very useful. Gil, when it comes to forms, what’s important to enable regardless of what plugin you’re going to use for security purposes on the form?


Gil Vidals
Well, Contact Form 7 is very popular, as is WPForms. When you’re creating a form, what these tools do is they allow you to make a form the way you want to make. You say, I want the first name, last name, the age, I want to know something else like their address, whatever you make up the form as you go. You said these are the fields I want. What you’re looking for is the flexibility to include the form fields, define them. From a security point of view, you just want to make sure if that data is encrypted. If they encrypt the data for you in the database, that’s a good sign. HIPAA Vault encrypts the entire website so that that qualifies.


Gil Vidals
But if they go above and beyond that, they say, well, if you click this button here when you make the form, it encrypts the data, then that would be an extra secure way of being safe and knowing that the data is encrypted when it’s in the database. That’s called encryption in use. So you may want to look for that. That’s probably where one good tip that they’ll.


Adam Zeineddine
Yeah, definitely. And what about captcha? Is that captcha? I can never pronounce that properly, but is that to do with HIPAA compliance and security or is that more to do with just reducing the amount of spam that you get enabling it?


Gil Vidals
Yeah, the captcha is considered spam prevention because if you don’t put a captcha on a form, the captcha for the audience, that’s where you either have to look at the image and say, how many traffic lights do I see on this image? You click on all the little sections or type in the letters you see here, whatever. That’s a captcha. The captcha is mainly for preventing spam. If you don’t have captcha, you’re going to get gobs and gobs of bots. Those are automatically filled forms. If they have a little robot that fills it out with garbage, you may ask, why would they do that? I can’t tell you all the reasons why they do it, but it happens all the time and you’ll be super annoyed that your forms are being filled out with garbage.


Gil Vidals
You’re going to want to protect the forms by using.


Adam Zeineddine
Themes, plugins for booking and plugins for forms. This brings us to the conclusion of our three part episode. The first part was security. Go check it out if you haven’t already. The second was performance, and this one has been about functionality, an emotional one. Three, three episodes. Any, any final thoughts on any of those topics?


Gil Vidals
I just think it’s good. I know the medical professionals are very busy. So a lot of times what they do is they’ll assign the task to their administrator saying, hey, go find a form, we need this, or go find this theme or whatever. And that’s fine. I mean, you need help, you need an assistant, but make sure that you stay involved. So you look at theme yourself, make sure that the administrator is looking in the right places, that the plugins are looking at, that they looked at least at three of them. Do all the things that we recommend. Make sure if you’re going to pass on the responsibility, somebody else make sure they’re doing that. Because I get it, you guys are very busy and you need some help. So that makes sense.


Gil Vidals
But you do want to keep an eye on it to make sure.


Adam Zeineddine
Fantastic. Well, that’s it for this episode. Like subscribe, share, stay compliant and stay.