Write a Website Privacy Policy Worth Showing Off

Most healthcare websites are born with boilerplate privacy policies. It’s time to up your game. The many high-profile data hacks of social platforms, retailers and banks are making consumers hypervigilant about privacy and data security. It’s an ethical and brand issue. The key is to be transparent and to not do things on your website that would make your mom ashamed. So we assembled a list of important items that should trigger a disclosure in your privacy policy.

Who has access to your mailing list or database?

Do you trade it with other companies? Do you augment it with information from other sources? If so, let people know that you comply with the CAN-SPAM Act.

Simplify sign-up forms

Opt-in forms for newsletters and promotional announcements should, ideally, only collect email addresses. What will you do with them? How often will you send emails? How can people unsubscribe from your list? Your privacy policy should have the answer.

Progressive forms

Do you use them? Why do you keep collecting more information? Get the scoop here.

Marketing automation

Describe how you use marketing automation. Do you show visitors personalized information on your site? What types of mailings can they expect to receive from you? How are you tracking their visits to your site? How does a visitor opt out of marketing automation?

Note: Links to the privacy policy should appear to the right (free UX advice) of every form submit button on your site.


Analytics

You have an analytics package, like Google Analytics or Omniture. Make it clear that you are only collecting this information in aggregate. None of it is linked to visitors personally.


Cookies

Does your site use them? Why? How will cookies affect visitors' experience on the site? Provide a link that explains how to turn off tracking in the web browser.


Ad retargeting

Explain what it is, and how and why you use it.

An Explanation of Ad Retargeting from Moz

SSL Certificate

Explain what SSL is and how it enhances visitors' privacy.

Provide the contact name, email address and/or a phone number for a real person to field questions and complaints.

Those are the big ones. If you have e-commerce, there’s a raft of other considerations. See resources below.