Dr. Frank Smith, Dr. Shannon Smith, Dr. Brian Smith, and Dr. Erik Bowman run Smith Health and Wellness Clinic at 665 Rodi Road in Pittsburgh. They treat back pain, neck pain, joint pain, headaches, and about twenty other conditions. They have four doctors, a full staff, and a website that tells every patient who visits it: This site is not secure.
Their site loads over HTTP. No SSL certificate. No encryption. Chrome, Safari, and Firefox all show a warning — a red lock or a "Not Secure" label in the address bar — before the patient ever reads a word about spinal manipulation or Graston technique.
This is not a design opinion. This is a technical fact that costs them patients.
What I found in 30 seconds
Site: smithchiro.net
Location: 665 Rodi Road, Pittsburgh, PA 15235
Issue: No HTTPS. The site loads over plain HTTP.
Impact: Every patient who clicks the site from Google sees a browser security warning. Google also ranks HTTPS sites higher — so the clinic is losing search visibility to competitors who secured their sites.
The content itself is fine. It describes their services, lists their doctors, gives a phone number (412-793-8900), and even quotes the New England Journal of Medicine. But the delivery mechanism undermines the message. A medical practice that asks patients to trust them with their spine should not ask those same patients to send their data across an unencrypted connection.
What the patient sees
Imagine a patient in pain at 2 AM. They Google "chiropractor Pittsburgh" and find Smith Health and Wellness Clinic. They click the link. Their browser shows a warning. The patient — already anxious, already hurting — now has to decide whether to ignore the red lock and keep reading, or go back to the search results and pick a competitor whose site loads normally.
Most patients go back. The data says 82% of users leave a site when they see a "Not Secure" warning. For a medical practice, that number is almost certainly higher. Patients are more risk-averse about health providers than they are about restaurants.
The structural fix
Smith Health and Wellness Clinic does not need a $300/year Wix subscription to fix this. They need three things:
- An SSL certificate. Free from Let's Encrypt. Takes 10 minutes to install.
- A static site. No database, no login portal, no WordPress admin panel that needs monthly patching. Just HTML, CSS, and the content they already have.
- Hosting that includes the certificate and the domain in one price.
What they pay now: whatever their current hosting costs, plus the invisible cost of patients who leave before they call.
What we charge: $500 to build the site (or $700 to migrate their existing content), then $195 every 3 years for hosting, domain, SSL, and their AI edit agent. The SSL is included. The domain is included. The hosting is included. The files are theirs.
They email us when they want a change — a new doctor joins, a service is added, a holiday closure — and we update it within 10 minutes. No dashboard to learn. No monthly bill to remember.
The math
If Smith Health and Wellness Clinic loses one patient per month to the "Not Secure" warning, and the average patient visits 6 times at $75 per visit, that's $450 per month in lost revenue. Over 3 years: $16,200.
Our 3-year cost: $695 total ($500 setup + $195 hosting). The difference is not close.
What happens next
If you run a medical practice in Pittsburgh and your site shows "Not Secure," the fix is not a redesign. It is not a rebrand. It is not a new marketing strategy. It is a certificate, a static site, and hosting that does not charge rent.
Email your current URL to hello@discnxt.com. We will reply with a 3-minute teardown — what is broken, what it costs, and what we would charge to fix it. No call required. No meeting. Just the answer.