TUD Site - Now Functional

Yes, they did at least remove the insecure HTTP communication they were using before. Now it is running with HTTPS, which means they are encrypting traffic between the browser and the website.

But they are still using TLS 1.0 and TLS 1.1 for browser compatibility reasons. No reason. Chrome v30 and up, Firefox v27 and up, and IE v11 and up all support TLS 1.2.

I guess the only reason they are keeping TLS 1.0 is for the people using Windows 98 or XP. :roll_eyes:

Support for TLS 1.0 should be removed. That version of TLS is vulnerable to attacks like BEAST (Browser Exploit Against SSL/TLS), which can be used to decrypt secure HTTPS communication.



$ nmap --script ssl-enum-ciphers -p 443 forum.tudiabetes.org

Host is up (0.0098s latency).
PORT STATE SERVICE
443/tcp open https
| ssl-enum-ciphers:
| TLSv1.0:
| ciphers:
| TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (secp256r1) - A
| TLS_DHE_RSA_WITH_AES_128_CBC_SHA (dh 2048) - A
| TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (secp256r1) - A
| TLS_DHE_RSA_WITH_AES_256_CBC_SHA (dh 2048) - A

[output snipped]
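The scan above grades every TLSv1.0 suite "A", so the letter grade alone will not flag a deprecated protocol. The following is an added example, not part of the original post: it parses `ssl-enum-ciphers` output and reports deprecated protocol versions and the CBC suites offered under them. The sample text is constructed, and its TLSv1.1 and TLSv1.2 sections are assumptions.

```python
import re

# Constructed sample in the layout nmap's ssl-enum-ciphers script prints
# (not the forum's real scan; the TLSv1.1/TLSv1.2 sections are assumptions).
SAMPLE = """\
PORT    STATE SERVICE
443/tcp open  https
| ssl-enum-ciphers:
|   TLSv1.0:
|     ciphers:
|       TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (secp256r1) - A
|       TLS_DHE_RSA_WITH_AES_128_CBC_SHA (dh 2048) - A
|   TLSv1.1:
|     ciphers:
|       TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (secp256r1) - A
|   TLSv1.2:
|     ciphers:
|       TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (secp256r1) - A
|       TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (secp256r1) - A
|_  least strength: A
"""

DEPRECATED = {"SSLv3", "TLSv1.0", "TLSv1.1"}
# Tolerate both indented output and output flattened to "| TLSv1.0:".
PROTO_RE = re.compile(r"^\|[\s_]*((?:SSLv|TLSv)[\d.]+):\s*$")
CIPHER_RE = re.compile(r"^\|[\s_]*(TLS_\w+)(?: \(([^)]*)\))? - ([A-F])\s*$")

def parse_ssl_enum(text):
    """Return {protocol: [(cipher, key_exchange, grade), ...]}."""
    result, current = {}, None
    for line in text.splitlines():
        m = PROTO_RE.match(line)
        if m:
            current = m.group(1)
            result[current] = []
            continue
        m = CIPHER_RE.match(line)
        if m and current:
            result[current].append(m.groups())
    return result

def findings(parsed):
    """List deprecated protocols and the CBC suites offered under them."""
    out = []
    for proto in sorted(DEPRECATED & parsed.keys()):
        cbc = [c for c, _, _ in parsed[proto] if "_CBC_" in c]
        out.append((proto, cbc))
    return out

if __name__ == "__main__":
    for proto, cbc in findings(parse_ssl_enum(SAMPLE)):
        print(f"{proto} enabled; CBC suites: {', '.join(cbc) or 'none'}")
```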