Security on Form Submissions and HIPAA compliance

  • Profile Image
    Asked on August 08, 2012 at 01:17 PM

    I'm using your services to create a form for a physician's office.  It is a prescription refill request form located here:

    I met with one of the physicians yesterday and he seemed concerned that there could potentially be a HIPA violation (Health Information Privacy Act) if the information submitted on this form ever fell into the wrong hands.  If, say, your servers were ever hacked.  How do you recommend I set his mind at ease re: this?  Am I correct in assuming that the submitted information within the fields of the form never really resides on your server and is only captured in the recepient's e-mail?

    Please help me understand the level of security he can expect.



    Brad DAvis

  • Profile Image
    Answered on April 13, 2018 at 10:09 AM

    Great news! JotForm now offers HIPAA compliance. This means users in the healthcare industry can use JotForm to collect sensitive patient information through consent and onboarding forms, medical history updates, online bill payments, and prescription refill requests. 

    HIPAA-compliant forms require a Gold pricing plan, which is only $99 a month or a Silver pricing plan, which is $39 a month. A business associate agreement (BAA) is also available upon request.

    For more information about our HIPAA-compliant forms, visit

  • Profile Image
    Answered on April 19, 2018 at 03:59 AM

    Update: HIPAA is available for Silver plan as well.