Collecting Sensitive Information - PCI Compliance - ADA Compliance

  • Profile Image
    Alan 
    Asked on January 27, 2017 at 10:12 AM

    Our business needs to collect ACH Banking information from our customers so we can enter the data on our systems and setup recurring ACH transactions. Does the Terms of Service for JotForm allow us to collect Bank Routing Information, and Bank Account number information from our customers assuming we use SSL connection and follow the security recommendations?

    Also, is JotFrom PCI compliant?

    Is JotForm also ADA compliant?


    Thanks,
    Alan

  • Profile Image
    david
    Answered on January 27, 2017 at 11:23 AM

    JotForm is now PCI DSS compliant. We have PCI Service Provider Level 2 certificate. We'd happy to provide certificate to any users who would need it for their payment gateway. 

    We do allow for collecting bank account and routing numbers under certain circumstances.  Doing so may result in your account being suspended for review.  Once the forms are reviewed, there would be no further interruptions. 

    The following thread has some great information on how to use your forms securely:

    https://www.jotform.com/answers/333046-is-JotForm-HIPAA-Compliant