How HIPAA Forms work?

  • Profile Image
    Asked on May 31, 2018 at 03:58 PM


    We have in the past saved Dr. information collected in our forms to Google Drive, then moved it to our internal servers for more security.

    What will HIPAA forms do for us that our current process does not do today?

    How will\can we access this saved data?

    What we collect is member specific Dr. information (Name\Number, etc), and member authorization signatures.

    I am rebuilding our forms this week and need to know how I should be building them?

    Also I have submitted a request for a Non-Profit pricing. Any idea how long it takes to get an answer? (kinda under the gun to get a system up and running..)


  • Profile Image
    Answered on May 31, 2018 at 05:34 PM

    Hi, what being HIPAA compliant means is that your business follows the mandatory standard for storing and processing sensitive patient data protection. Business that deal with protected health information (PHI) must have physical, network, and process security measures in place and follow them to ensure HIPAA Compliance.

    Jotform helps you in this task by providing the necessary tools that makes your forms HIPAA compliant as well as the infrastructure needed. Some aspects of implementation like System Access Tracking, Encryption, Auditing and Disaster Recovery are fundamental to be HIPAA compliant.  You can read a detailed list of how Jotform acts to be HIPAA compliant in regards to every requirement here:


    What will HIPAA do for your business is ensure that protected health information is not provided to parties, such as employers, without the consent of the employee. HIPAA laws protect the privacy of all past, current and future patient health-related information. You can read more about creating HIPAA compliant forms here:


    In response to your last question, we take no more than 1 week in order to analyze your request for a Non-Profit pricing.


    Feel free to contact us,



  • Profile Image
    Answered on June 04, 2018 at 04:07 PM

    Hello luisvcsilva,

    Thanks for the information.

    HIPAA might be a little over the top for us (at the moment).

    I noticed in the publish options that the forms by default are not 

    encrypted. Question, as we allow several staff access to these 

    forms, what would we need to do, if we turned on the encryption 

    option (as there is a public key involved)?



  • Profile Image
    Answered on June 04, 2018 at 04:41 PM

    To allow Staff to access these forms, you would need to add them as sub-users to your account and then add them to the notifications list. They will then be able to receive notifications whenever submissions are received and access the data in the submissions panel on JotForm.

    Refer to this detailed guide on how submission notifications are managed for HIPAA forms:

    HIPAA forms provide the necessary infrastructure so your forms and the process in which the data is handled all comply with HIPAA regulation.