I need my JotForm data to be HIPAA compliant - Can I integrate an encrypted form with Google Drive?

  • Profile Image
    drsmart
    Asked on January 06, 2018 at 12:40 PM

    I understand that encrypted form data is not useable with integrations (saving data to a spreadsheet or database).  Your FAQ states:

    As such, the data itself is rather useless on the integration end since you will not be able to use it, unless, you have a way to decrypt the data on the side of that integration. This may be possible using some services, but this is not something we cover.

    I am an orthodontist and would need data to be HIPAA compliant.  Jotform seems to be an ideal tool to allow me to have patients complete forms electronically and store data to a secure folder on my Hipaa-compliant Google Drive.  I was hoping you could provide some insight as to where related information may be available that would allow using integrations with encrypted form data. 

    Thanks very much!

  • Profile Image
    TREVON
    Answered on January 06, 2018 at 02:28 PM

    Update (April 19, 2018) HIPAA is available for our Gold and Silver plans.

     https://www.jotform.com/hipaa/ 

     

    Unfortunately its not possible to integrate an encrypted form with third party applications, if you would like to have your submitted data available on platform you want to integrate to, then you will need to disable encryption in your form.

    If I may point out Jotform in itself is already secure and using HTTPS to transmit information from your users browser to Jotform servers hence the information cannot be intercepted. Our servers are also secured hence the data received from users will be stored in highly secured servers.

    In addition we have a Jotform app that will automatically delete your user submissions from our servers once the data is received by the other application you want to integrate Jotform with. This  will ensure no data is stored in our servers for users who prefer to user other platforms to store sensitive information rather than use Jotform servers.

  • Profile Image
    drsmart
    Answered on January 06, 2018 at 08:55 PM

    Thanks for your reply. 

    I tried an unencrypted form with the auto delete app, but the app only worked some of the time.  (I posted a question on the app's forum to ask about this).

      The form I'm trying to create would have a signature field using the Adobe Sign widget.  Adobe Sign emails the completed form to me in a readable (unencrypted) format so I think this would work.  I just need to research using the API to send the form responses to a Google Drive Excel spreadsheet.  I'm hoping to find a simple example form that does this.

    Thanks again for your help!  Jotform's tech support really does seem to be top notch!

  • Profile Image
    Jim_R
    Answered on January 07, 2018 at 03:55 AM

    Sadly, there's no way to utilize an encrypted form's submission data to Google Spreadsheet. As soon as you encrypt your form, all submission data will be encrypted elsewhere.

    I understand your goal is HIPAA-compliance - Can you weigh your options on which feature is more important for your use case?

    🔘 Integration with Google Spreadsheet

    🔘 Or Form Encryption

    Since you can't have both, we'd like to know which you prefer more so we can provide a better suggestion.

    For example, if you prefer the integration with Google Spreadsheet, you can keep your submission unencrypted and request for a customized BAA with us through our Enterprise Solution.

    https://www.jotform.com/enterprise/

    On the other hand, if you prefer the data to be encrypted, then you can stick with any of our current packages but without Google Spreadsheet integration.

    If you indeed want to push through with decrypting the data yourself, the part where we mentioned "This may be possible using some services, but this is not something we cover" would require a developer from your end who can come up with his own way of decrypting the encrypted data. This may be possible using OpenSSL > process that decrypted data > then forward it to Google Spreadsheet. Or another way is to decrypt the data through Google Spreadsheet directly.

  • Profile Image
    drsmart
    Answered on January 07, 2018 at 07:10 PM

     

     

    Thank you for the reply.  Your explanation was very helpful in understanding my options.  (I especially appreciate the “radio button” illustration).  After thinking about this, I think it would be more important to go with the form encryption.  There was some information on one of your forums about decrypting data and I may try to get someone to look at this, but it is clearly out of my league.

    If you don’t mind, I had another question related to building a normal form for use with in my project.  If I need to ask this at a different part of jotform, just let me know.

    My form is a medical / dental history form for patients.  My initial plan was to build the form using Adobe Sign form builder since I would incorporate signatures into the form.  Using Adobe Sign, I could have emailed the form to patients or sent them a link to the form after it was incorporated in my website in an iframe.  The reason I decided not to build the form in Adobe Sign is that I did not have the ability to control the tab order, which would matter in the section with 2 columns of radio buttons.

    The form is very extensive (https://www.smartsmiles.com/practiceforms.htm) - (Under 18 Medical History form).  I had hoped to duplicate the paper version we have used for many years.  I think there would be an advantage to being able to print a paper copy of a completed form if needed.  But, maybe more importantly, I think that patients don’t like filling out long forms.  I realize I could easily include all the questions and radio buttons in a very long, single column form.  However, I think that if I could build the form to duplicate my paper copy, it just wouldn’t seem as long to complete it.

    I tried to import the .pdf file attached into jotform to tweek it there (https://www.jotform.com/fillable-pdf-form-creator/), but I continued to get a message that the form could not be imported. I know the jotform builder allows CSS but I have not been able to get my form to resemble the paper form much at all.

    Thank you for reading all of this.  Finally, I would like to offer some sincere feedback on jotform tech support.  You guys are amazing!  Really.  I realize that I am asking about things outside of the norm and that, for now, I’m on a free account.  (I do plan to upgrade once I confirm I can get my form(s) up an running).  To have tech support people respond in such a timely manner and, clearly, be trying to help you customers (as opposed to “getting rid” of them) is extraordinarily rare.  Thank you!

  • Profile Image
    Kiran
    Answered on January 08, 2018 at 01:24 AM

    Thank you for your feedback and we appreciate it. The other question related to PDF import is moved to a separate thread and shall be addressed there shortly. Please follow the link below:

    https://www.jotform.com/answers/1341593-I-am-receiving-the-file-cannot-be-imported-error-with-my-PDF-form

    Thanks!

  • Profile Image
    drsmart
    Answered on January 08, 2018 at 07:14 AM

    Is it possible to have complete control of the design of a JotForm?  That is, whether I import my form or build it from scratch, is it possible to duplicate the paper form referenced above using CSS or "Advanced Design" techniques?

    Thanks!

  • Profile Image
    TREVON
    Answered on January 08, 2018 at 08:55 AM

    If I am getting you correctly you want to duplicate another form by customizing CSS of your form in Jotform.Yes its very possible to have a similar duplicate of another form by making use of CSS feature of form customization.

    Below is a guide on how to customize form using CSS.

    https://www.jotform.com/help/75-Customize-Your-Form-Using-Custom-CSS-Codes

     

  • Profile Image
    TREVON
    Answered on January 08, 2018 at 01:53 PM

    Looking at the complexity of the form, this will be possible but will need someone with high skills of CSS and will take quite a lot of time to achieve make your form look like the form in the link.

    If you have the CSS skills then you can try customizing the form to the design you shared. We will also be able to assist in areas you may have challenges. If you do not have the CSS skills then I would recommend if possible you get a person with complex CSS skills to assist you achieve the above.

  • Profile Image
    drsmart
    Answered on January 08, 2018 at 02:30 PM

     Thanks.  Can tab order be set with CSS?

  • Profile Image
    Nik_C
    Answered on January 08, 2018 at 03:30 PM

    It is possible, numbers that are in each tab need to be set with HTML element, then any HTML element can be moved around and designed further with CSS.

    The form you need to create is possible to create with our Form Builder, all fields can be represented by our elements, but it will require some work and, as my colleagues said, CSS skills to move fields and design properly.

    These guides might be helpful:

    https://www.jotform.com/help/2-How-to-Create-Your-First-Web-Form

    https://www.jotform.com/help/75-Customize-Your-Form-Using-Custom-CSS-Codes

    If you have any further questions please let us know.

    Thank you!

  • Profile Image
    Jim_R
    Answered on February 28, 2018 at 05:25 PM

    I am an orthodontist and would need data to be HIPAA compliant.  Jotform seems to be an ideal tool to allow me to have patients complete forms electronically and store data to a secure folder on my Hipaa-compliant Google Drive.

    Good news - We are now in the process of making forms HIPAA compliant in the near future. This will be announced once completely available so stay tuned!

  • Profile Image
    steve
    Answered on March 01, 2018 at 12:25 AM

    HIPPA compliant forms are available with our Gold plan and our Enterprise product. 

  • Profile Image
    Rose
    Answered on April 12, 2018 at 05:01 AM

    Great news! JotForm now offers HIPAA compliance. This means users in the healthcare industry can use JotForm to collect sensitive patient information through consent and onboarding forms, medical history updates, online bill payments, and prescription refill requests. 

    HIPAA-compliant forms require a Gold pricing plan, which is only $99 a month or a Silver pricing plan, which is $39 a month. A business associate agreement (BAA) is also available upon request.

    For more information about our HIPAA-compliant forms, visit www.jotform.com/hipaa

  • Profile Image
    Scott
    Answered on April 19, 2018 at 03:25 AM

    Update: HIPAA is available for the Silver plan as well.