HIPAA Compliant Forms: Are the emails encrypted?

  • Profile Image
    tubbco15
    Asked on April 19, 2018 at 02:41 PM

    But, I'm guessing that any emails being sent are not encrypted. Correct?



    This is a re-post of a comment on JotForm is your HIPAA-compliant online forms solution

  • Profile Image
    Mike
    Answered on April 19, 2018 at 03:39 PM

    We do not support emails with data for HIPAA accounts. 

    The online form email notifications on the HIPAA-compliant forms are being automatically replaced with the following template:

    The 'View Response' button is linked to the authorization-protected page.

    If you need any further assistance, please let us know. We will be happy to help.

  • Profile Image
    mustafa
    Answered on April 20, 2018 at 02:18 AM

    Hi,

    I just want to give a bit more information about JotForm HIPAA Compliance support. 

    We have ensure that there is no data breach for protected health information (PHI) stored via the forms hosted by JotForm. This information can be shared with 3rd party services (including email services) only if we ensure they are HIPAA compliant email services. Even in this case all data sharing must be done over secure channels. 

    When we send submission data via emails, we lose the control over that data (it can be shared with someone else without even noticing the data breach). That is the reason we send you an email notifying about the submission and expect you to login to JotForm to see your data.

    The email is unencrypted, the link is plain. However the page you will land is protected and requires authentication.

    Let us know if you need more information on HIPAA.