Creating a HIPAA-compliant website. The first step is to obtain a Secure Socket Layer (SSL) certificate. This will create a secure link between your website and a visitor's browser, ensuring that all PHI passed between the two remains private and secure. Next, make sure your website is using HIPAA-compliant online forms, like those from JotForm..