HIPAA compliance

  • Profile Image
    Edward Hamlin 
    Asked on December 05, 2016 at 03:12 PM

    Hi - I saw a physical therapist who used your product for his intake forms and am thinking about doing the same for my wife's neurology practice. It was quite elegant. 

    I read the FAQ on security, but wanted to ask if you know whether JotForm has achieved HIPAA compliance. Https and data encryption are certainly a huge step toward that, but if form data resides on your servers at any point there's another set of criteria that kick in.

    In fact, it would be helpful to know whether that data can be wiped once the form is transmitted. Does it have to be persisted on your server indefinitely?

    Thanks in advance - nice product!


  • Profile Image
    Answered on December 05, 2016 at 05:24 PM

    Update (April 19, 2018) HIPAA is available for our Gold & Silver plans. https://www.jotform.com/hipaa/ 


    Unfortunately we are not HIPAA compliance at the moment, although there are some ways to use our forms in a HIPAA compliant way, what I would suggest you to get more details about this is to take a look on this thread where our support manager has posted info about this: https://www.jotform.com/answers/333046 

    Now, regarding to your concern about storing your submissions and data on our servers, then there is a way to delete submissions as soon as they are received, this way you only receive the info via email and there is no record on the submissions page saved since it was already deleted. 

    Here's the link to the app that will help you to achieve that: https://apps.jotform.com/app/auto_delete_submissions 

    Do note also that when a submission has been  deleted there is not a way to restore it, it is also deleted from our database as well. 

    Please if you have any question, let us know. 

  • Profile Image
    Answered on April 10, 2018 at 07:26 AM

    Hello Edward,

    Great news! JotForm now offers HIPAA compliance. This means users in the healthcare industry can use JotForm to collect sensitive patient information through consent and onboarding forms, medical history updates, online bill payments, and prescription refill requests. 

    HIPAA-compliant forms require a Gold pricing plan, which is only $99 a month or a Silver pricing plan, which is $39 a month. A business associate agreement (BAA) is also available upon request.

    For more information about our HIPAA-compliant forms, visit www.jotform.com/hipaa

  • Profile Image
    Answered on April 19, 2018 at 07:11 AM

    Update: HIPAA is available for the Silver plan as well.