healthcare
May 10, 2018

5 Cross-Browser Testing Aspects for Healthcare Sites

Scriptless Testing

When thinking about website testing for the healthcare industry, it is critical to understand the industry's specific needs. A healthcare website has different quality aspects compared to other websites, from various compliances and regulations to the target personas it serves, which includes both providers and patients.

Depending on the specific health domain, a successful quality strategy for healthcare website will consist of the following five pillars:

  1. Compliance and security validations
  2. Website user experience, load time, and performance
  3. Web API testing
  4. Cross-browser interoperability testing
  5. Content validation per target personas

Each of the above categories holds inside a large set of testing considerations, that varies often based on the healthcare domain or services that are being offered.

Let’s elaborate more on each topic.

Compliance and Security Validations

One of the key aspects of a healthcare website, perhaps more than anything else, is customer privacy and data security. Clients and healthcare providers depend on the healthcare website's ability to effectively and continuously retain and protect the most sensitive data they have.

When we think about compliance, security, and data it can be categorized accordingly:

  • User authentication and authorization
  • Users and healthcare providers data retention and for specific cases and websites also audit trails
  • Specific and relevant healthcare compliances

As stated in the above three topics (there can be many more to consider, but in this article, let’s focus on these), the main gate to the website if you are a healthcare provider that uses the web or a patient, is your personal credentials. Managing the end user’s credentials and assuring their privacy is key. Continuous monitoring of the security of the web and the login capabilities should be part of the quality strategy and processes.

These days, we hear more and more about security incidents, and trials for fraud attacks against large websites including healthcare. From a testing perspective, teams can extend the typical of user/pass scenarios (both positive and negative) with third-party tools that try to attack and inject malicious code into the websites, as well as constant code scans in production to assure that there are no regressions around the security and privacy of the website.

Regardless of the above, healthcare websites need to always adhere to specific compliances and regulations like HIPAA, FDA in specific cases, and others. With such compliances, the testing will also require evidence of security, audit trails, data retention policies and many more.

Healthcare Breaches

Image Source: https://resources.infosecinstitute.com/hackers-selling-healthcare-data-in-the-black-market/

Website Load & Performance Testing

At the end of the day, anyone using a healthcare website expects a flawless user experience. That means, the fast load time of the website, fast response to searches and form submissions, and any other activity that the user may perform. Specifically, for healthcare websites that carry a lot of data and use a lot of third-party web services to provide information to their users, performance can be a challenge.

Testing and development teams should expect such validations as part of their ongoing quality validations and define acceptable thresholds for the most commonly used user-actions. In addition, such teams should consider using a subset of these performance tests to monitor in production the level of service they provide their customers. Having an alert in production whenever there is a degradation in performance and response time of a specific functionality in the web, can be a huge advantage for teams that are trying to provide great UX to their clients.

Web API Testing and Backend Service Quality

As mentioned earlier, healthcare websites deal with dynamic content, big data, and a lot of users at any given time. Much of the data that is presented on the website is being pulled through web-services and backend APIs that are baked into the website architecture. Web browser changes, network conditions, and the services themselves are often unpredictable and can become unavailable, unstable, or suffer from latencies.

While end users do not really see or understand how your website is built, they do expect to get reasonable responses to their queries. To assure both site stability, as well as great UX, teams must include API testing and production monitoring of these services to be in the know when things are down or suffer from regressions. Like in the above categories, each healthcare website, provider etc., would have his unique services, but still, the category of API testing and site stability that is dependent on the APIs and content being consumed from the site are common and relevant to all.

Cross-Website Browser Interoperability

Regardless of who uses your healthcare website, your site should perform and provide the same service across all key browsers and OS versions. The plethora of browsers and the dynamics of monthly releases of Chrome, Firefox, and Safari browsers present a continuous challenge from a quality assurance perspective. Testing teams should have a good web testing lab, that includes all relevant desktop browser types configured across the Desktop OS and Browser OS versions – e.g. Chrome Latest on Windows 10, and Windows 8.1, Safari Latest Beta on Mac OS High-Sierra, etc.

To be able to assure proper functionality across these platforms, teams can use Selenium grids that are built locally, or leverage cloud providers to maintain this complex setup as a service. In addition, production monitoring and analytics can help the website teams determine where is the highest traffic comes from, and based on that, build their test lab.

Content Validation and Target Personas

Since healthcare websites provide online services to both healthcare providers like doctors, hospitals as well as patients, the content is at the heart of the web quality assurance. When we try to understand what does ‘content quality’ mean, we should be thinking and focus on the following test aspects:

  • Timely content, and content that is updated dynamically
    • Make sure that you present updated content that is being obtained through web services and from third parties – e.g. a list of up-to-date healthcare providers
    • Make sure that the content that is presented is ‘location-aware’ – based on customer zip code, the list of providers, content that is presented etc. is relevant
  • Content that is easily consumed by the users
    • Support for various languages based on the location and customers preference should be supported and properly displayed
    • Website accessibility is key for healthcare website since the variance of visitors is huge and typically includes customers from all age ranges, as well as from varying health conditions – here, website quality engineers should follow OWASP guideline and other recommended in-browser tools like Google Lighthouse.
  • Educational and domain-specific
    • Many healthcare website visitors seek to learn more about either the provider services, working hours, but also about specific medications, medical solutions, and more. In such cases, the content needs to obviously be well presented and to adhere to the above considerations regarding languages, accessibility, machine-readable (JSON) formats, etc.
Google Lighthouse

Image Caption: Google Lighthouse Audit Tool (Chrome Browser)

Conclusion

Healthcare websites, especially in today’s digital transformation age, are in a tough position. These websites are expected to be always on, always functioning, and to provide a high level of serviceability to the varying visitors. Assuring quality for such sites should involve a top-notch quality strategy that considers at least the above-mentioned five aspects as a continuous practice.