- kimberlyrousseauAsked on May 08, 2010 at 11:47 AM
I want to collect patient information on a health history form for my practice. Is the security of jotform adequate for this purpose?
- loradrienAnswered on May 08, 2010 at 08:22 PM
- JotForm FounderaytekinAnswered on May 10, 2010 at 03:48 AMHere is the steps we recommend if you carry highly sensitive data on your forms:
Step 1: Use "https" instead of "http" in your forms. Such as:
Step 2: Log into jotform.com with https on the browser when you need
to access reports:
Step 3: Disable emails on form. On your notification email enter "none" to the recipient address to do that. Since emails are not sent encrypted over the Internet. Only use the secure https://www.jotform.com site to view/download your reports.
Step 4: After downloading the recent submissions, delete the old submissions on Reports. Do not keep them in your account. Our database is not encrypted.
- Daniel KeplerAnswered on May 03, 2015 at 06:02 PM
I would advise against using it if you need to be HIPAA compliant, since https is just one of dozens of requirements stated by HIPAA, see here for more details: http://www.hhs.gov/ocr/privacy/hipaa/understanding/summary/
There are other tools that are specific for dealing with private patient information like IntakeQ, Cake Intake, etc.
- CharlieAnswered on May 03, 2015 at 11:40 PM
Thanks for your input, we'll take note of it. I would also like to advise that you open your own thread as this one is quite old, and so that we can better assist you with your concern. You can open a new thread using this link: http://www.jotform.com/contact/.