Is JotForm HIPAA / FERPA compliant?

  • Amanda Custer
    Asked on April 20, 2017 at 2:16 PM

    Is your system for submission storage HIPAA and FERPA compliant?

  • Support_Management Jotform Support
    Replied on April 20, 2017 at 3:36 PM

    Update (April 19, 2018) HIPAA is available for our Gold & Silver plans. https://www.jotform.com/hipaa/ 

     

    Hello Amanda, the short answer is no - We are not HIPAA nor FERPA compliant.

    HIPAA compliance was discussed in good detail on this thread https://www.jotform.com/answers/333046 so just head over to that thread if you're interested to know where we stand in this regard.

    Since the main concern with these questions is "security", allow me to discuss some key security features we have even if we are not compliant with these acts.

    All forms created in Jotform are and should be running on SSL by default.

    Related article: All-Forms-are-Now-Secure-by-Default-The-SSL-Limits-on-Free-Accounts-are-Lifted

    On top of that, the forms and submissions are transmitted securely with a 256-bit high-grade encryption, which means that data is encrypted during the transmission and cannot be interrupted by anyone else. We have an SSL certificate that uses SHA256 with RSA encryption https://www.ssllabs.com/ssltest/analyze.html?d=secure.jotform.com

    As an added layer of security, you may also enable Form Encryption which basically encrypts all your Submission Data. Just be mindful of the other features that will cease to exist once you enable this. For more details, I strongly recommend you review our guide about encryption, especially the Q&A section.

    Complete guide: What-Are-Encrypted-Forms-and-How-to-Use-Them-as-Expert 

  • Support_Management Jotform Support
    Replied on February 28, 2018 at 5:15 PM

    Good news - We are now in the process of making forms HIPAA compliant in the near future. This will be announced once completely available so stay tuned!

  • Steve VP of Sales Operations
    Replied on March 1, 2018 at 12:23 AM

    HIPAA compliant forms are available with our Gold plan and our Enterprise product.

  • Rose
    Replied on April 12, 2018 at 8:13 AM

    Great news! JotForm now offers HIPAA compliance. This means users in the healthcare industry can use JotForm to collect sensitive patient information through consent and onboarding forms, medical history updates, online bill payments, and prescription refill requests.

    HIPAA-compliant forms require a Gold pricing plan, which is only $99 a month, or a Silver pricing plan, which is $39 a month. A business associate agreement (BAA) is also available upon request.

  • tina JotForm Developer
    Replied on April 19, 2018 at 9:00 AM

    Update: HIPAA is available for the Silver plan as well. 

  • Lyla JotForm Support
    Replied on June 12, 2023 at 7:29 AM

    Hi Amanda,

    I’d like to update you that now Jotform Enterprise complies with FERPA requirements. Enterprise customers can also request to have their servers provisioned in our SOC 2-compliant environment. This allows you to deploy custom forms and apps on our hosted platform on systems secured and managed by Jotform that are compliant with these controls. You can visit this page to learn more about Jotform and FERPA.

    If you have any questions, let us know.