I would like some details regarding HIPAA Compliance with your forms.

  • Profile Image
    Asked on January 17, 2013 at 12:15 PM

    Our client is interested in integrating one of your forms into their site.

    Since the information being collected is accessed through JotForm, will they require an SSL on their own site as well?

  • Profile Image
    Answered on January 17, 2013 at 12:42 PM

    JotForm certainly complies with the technical safeguard section of the HIPAA security rule


    Please check this thread to read what our CEO explains about HIPAA compliance


  • Profile Image
    Answered on January 17, 2013 at 12:55 PM

    So do I need to purchase an SSL for the site, or will the secure JotForm meet all of the necessary HIPAA comliance measures?

  • Profile Image
    Answered on January 17, 2013 at 01:12 PM

    Like Mr. Aytekin states:

    "1. Always use SSL (https) version of JotForm site on your browser. Use "https://www.jotform.com" to login to your account, create your forms, look at your submissions and link to your forms."

    Data transmission (which was filled out by a submitter into an SSL Form )  is sent encrypted . However, you could implement an SSL for the site if you will put specific information into your emails autoresponders/notifications , because  we send emails in plain text. So, they these are not secure.

    Data stored on our servers are not encrypted, but access to our servers are safeguarded.