Grow Your Practice with a Website Patients Trust
HIPAA-compliant intake, WCAG 2.2 AA accessibility, and medical SEO for independent Southern Utah practices.
What Healthcare Web Design Actually Is
Healthcare web design is custom website development for independent medical, dental, and therapy practices - built around HIPAA-compliant intake, ADA-accessible content, and the trust signals patients check before scheduling a first visit. That framing matters. A general marketing website sells a product. A healthcare website has to collect Protected Health Information (PHI) without exposing it, publish clinical claims without running afoul of state board advertising rules, and accommodate patients using screen readers or with limited dexterity - all while still converting a visitor into a booked appointment.
I'm Brett Benassi. I run B-Squared Technologies out of the Southern Utah area and I build sites for dentists, orthodontists, chiropractors, physical therapists, optometrists, family physicians, urgent care clinics, medspas, mental health and counseling practices, dermatology offices, and veterinary hospitals across St. George, Washington, Hurricane, Ivins, Santa Clara, and the rest of Washington County. My background is in development and local SEO. I do not sell pre-packaged "dental website templates" - every site is scoped to the specific practice management system, intake workflow, and compliance posture of the practice paying for it.
The two compliance frameworks that drive everything: HIPAA's Privacy Rule and Security Rule governs anything that touches PHI, and ADA Title III plus WCAG 2.2 AA governs who can actually use the site. Add in Utah DOPL advertising rules for licensed providers and you have a project where the wrong form plugin or a missing alt tag can trigger an HHS OCR complaint or a demand letter. This is not where you want a generalist agency learning on your dime.
Challenges Facing Healthcare Practices
The four problems that show up in almost every practice audit I run.
HIPAA-Compliant Intake Without Exposing PHI
A generic contact form that emails patient complaints to your front desk inbox is a HIPAA violation waiting for an HHS OCR complaint. Any form that collects symptoms, insurance info, date of birth, or medication history is handling PHI, and the form provider has to sign a Business Associate Agreement. JotForm's standard tier doesn't count. Neither does a default Wix or Squarespace form.
ADA Title III Exposure on Medical Sites
Medical and dental practices are disproportionately targeted in ADA Title III website accessibility lawsuits. The WebAIM Million report has flagged home pages with accessibility errors above 95% year after year, and plaintiff firms actively scan healthcare sites. Missing alt text, low contrast on a 'Book Appointment' button, or a scheduling widget that doesn't work with a screen reader is an open door to a demand letter.
Reviewers Who Never Convert to Booked Patients
Kyruus research puts 77% of patients on Google, Healthgrades, RateMDs, or Zocdoc before they book a first visit, and 84% read reviews before picking a provider. If your doctor bios are thin, your credentials aren't verified on the page, and your intake asks for ten fields before they can request a time, the patient reads your reviews and books with someone else.
Telehealth and Multi-State Licensure Pitfalls
Post-pandemic patients expect a 'request a virtual visit' option, but a website that advertises telehealth to out-of-state visitors of Zion or Snow Canyon without checking Utah DOPL licensure scope can create board complaints. Telehealth promotion has to match where your providers are actually licensed, and your site copy and schema should reflect that.
How B-Squared Addresses Each One
Compliance-first web design and SEO built for independent practices, not hospital systems.
BAA-Backed Intake Forms and HIPAA-Compliant Analytics
I wire up intake through JotForm HIPAA, NexHealth, Klara, or Formstack Healthcare - all of which will sign a BAA. For appointment requests that collect PHI I use HIPAA-compliant analytics like Fathom or Matomo instead of Google Analytics, because GA is not HIPAA-eligible and PHI hitting GA has been the basis for HHS OCR enforcement actions. Pages that don't touch PHI can still use standard analytics - I split the configuration so you get insights without compliance risk.
WCAG 2.2 AA Audit and Remediation
Every site I ship for a medical, dental, or therapy practice gets an accessibility pass against WCAG 2.2 AA - contrast ratios, semantic headings, keyboard navigation, ARIA labels on form inputs, captioned video, and an accessibility statement page. This is the same standard courts have repeatedly cited in ADA Title III settlements. I also re-test any third-party booking widget (Zocdoc, NexHealth, Weave) to confirm it actually works with VoiceOver and NVDA.
Medical Schema, Provider Bios, and Verified Credentials
Schema.org MedicalClinic, Dentist, Physician, and MedicalWebPage markup with Physician.medicalSpecialty tied to each provider. Individual doctor pages include degree, residency, board certification, NPI, state license details, procedures performed, and languages spoken. Sage Growth Partners found pages with full doctor bios and education credentials convert 30% better than stub profile pages, and AI search (ChatGPT, Perplexity, Google AI Overviews) leans on that structured data to surface named providers.
Compliant Review Request Automation
Post-visit review requests that respect Utah DOPL advertising rules - no incentives tied to positive reviews, no filtering by star rating before the prompt, no fake review solicitation. The flow integrates with Weave, RevenueWell, SolutionReach, or Tebra so the text goes out after the appointment is closed in your practice management system, pointing at your Google Business Profile, Healthgrades, and Zocdoc listings. Volume and recency are what move Google's local pack - this is how independent practices catch up to Intermountain Health on visibility.
Built Around How Southern Utah Healthcare Actually Works
Washington County's patient base is not a generic national demographic. Intermountain Health's St. George Regional Hospital (the former Dixie Regional) is the dominant acute-care system, and its specialty footprint - cardiology, orthopedics, oncology - pulls a lot of the paid search oxygen out of the market. Independent primary care, dental, physical therapy, and mental health practices cannot win on ad spend against that, but they can absolutely win on hyper-local organic and AI search where Intermountain's individual clinic pages do not rank for neighborhood queries.
The patient mix matters too. Washington County runs retiree-heavy - Medicare demographics are a larger share here than the Utah state average, which pushes demand toward primary care with Medicare Advantage contracts, podiatry, ophthalmology, dermatology (melanoma screens in the desert sun), and orthopedic follow-up. At the same time the county has been one of the fastest-growing metros in the country, adding roughly 30,000 residents between 2020 and 2024, and those new arrivals are bringing young families. That's why pediatric dental, orthodontic, family medicine, and urgent care capacity is stretched and why a well-optimized independent practice can fill a schedule in under 90 days.
Post-pandemic, telehealth expectations here are high - especially for mental health (SimplePractice and TherapyNotes both have strong virtual visit support), medication management, and follow-up visits. I build telehealth landing pages carefully: they advertise to Utah residents, they are explicit about licensure scope, and they link to whichever virtual visit platform your EHR supports (Doxy.me, athenaPatient, Epic MyChart, FollowMyHealth) so patients are not guessing how to connect.
Numbers That Shape How I Build These Sites
- 77% of healthcare patients research providers online before booking a first appointment, and 84% read reviews before choosing one (Kyruus Patient Access Research). That's why the doctor bio page, Healthgrades presence, and Google review count all have to be dialed in simultaneously.
- The average healthcare decision involves three or more online searches across symptoms, providers, and reviews (Press Ganey patient experience data). A site that doesn't rank on the procedure query, the provider-name query, and the neighborhood query is missing at least one of those three touches.
- Provider pages with full bios, education, and board certifications convert roughly 30% better than stub profile pages (Sage Growth Partners). Structured Physician schema with medicalSpecialty attributes also feeds AI Overviews and ChatGPT citations.
- Mobile accounts for 65%+ of patient site traffic (Think With Google healthcare vertical data), which means booking widgets and intake forms have to be thumb-usable, not desktop-first with a responsive afterthought.
- The WebAIM Million report has flagged over 95% of tested home pages with WCAG accessibility errors every year it has run. Medical and dental sites are specifically targeted by ADA Title III plaintiff firms - remediation now is cheaper than a settlement later.
- Washington County grew from roughly 180,000 to over 210,000 residents between the 2020 Census and 2024 estimates, straining primary care access and creating real market openings for practices that can be found online.
Case Study
Family Dental Practice
A St. George dental office was losing new patients to competitors with better online booking and visibility.
Challenge:
No online scheduling, outdated website, poor Google presence
Results After 6 Months
67%
of Appointments Booked Online
215%
Increase in New Patient Inquiries
4.9★
Google Rating (142 Reviews)
Healthcare Website FAQs
Ready to Grow Your Practice?
Get a free website audit covering HIPAA exposure, WCAG 2.2 AA accessibility, local SEO, and provider schema - with a clear punch list of what to fix first.