How to send HIPAA-compliant leads to an MD.

  • Profile Image
    izniznot
    Asked on January 15, 2019 at 08:08 PM

    Hello: I am Silver Plan, login izniznot from Catalyst Adlab

    I bought the Silver Plan. I have a few questions that you can hopefully answer in Yes or NO form below. I've tried to be quite concise and specific in my questions so I can be crystal clear in my understanding. If you wish to elaborate beyond a  Yes or No, please feel free.

    I'm a marketer who does Lead gen, runs ads to collect leads, for professionals.

    I want to do that for medical professionals in a HIPAA-compliant manner.

    Let's say I run an ad on Facebook (or Google Ads, whatever). When potential patient clicks on the ad, they are taken to Jotform to complete a HIPAA-compliant form.

    1)         If I am collecting leads for Dr. A, when a potential pt clicks submit, Can I direct that lead directly to Dr. A with patient's name and email/phone number, correct?

    Yes or No? (if no, please explain)

    2)         If the patient's info is sent direct to the provider, does the PHI remain HIPAA-compliant?

    Yes or No? (if no, please explain)

    OR –

    3)         must the lead go to Dr. A's Google Drive where Dr. A can view the information and use it to connect to the potential patient?

    Yes or No? (if no, please explain)

    4)         If I direct the form info to go direct to Dr. A, can I get an email or submission to MY Google Drive so I an track the leads I generate for Drs. A, B, C and so on?

    Yes or No? (if no, please explain)

    5)         When potential patient clicks submit, can the form's info, now PHI, be sent direct to the provider's email, the provider to whose ad the person responded.

    Yes or No? (if no, please explain)

    6)         If for some reason, I want to collect the data for a Drs A, B, C, etc., in MY HIPAA-compliant Google Drive (I have a BA agreement so my Google Drive is HIPAA-compliant) and then send them to the drs. does that remain HIPAA-compliant? (I think so based on my conversation with Google G-Suite Support)

    Yes or No? (if no, please explain)

    7)         Under the Silver Plan, it says I am limited to 100 forms. Does that mean that using JF, I can collect leads for 100 practitioners, each using a single form for one Dr. that I design within JF. 

    Yes or No? (if no, please explain)

    OR,

    8)         does the 100 form limit mean the number of forms I can create and use within my account?

    Yes or No? (if no, please explain)

    9)         Anything else I need to understand or do to maintain HIPAA-compliance for leads I generate via ads using Jotform?

    Thanks ahead,

    gerry Sanders, Silver Plan, login izniznot from Catalyst Adlab

      

  • Profile Image
    Jed_C
    Answered on January 15, 2019 at 11:17 PM

    1) If I am collecting leads for Dr. A, when a potential pt clicks submit, Can I direct that lead directly to Dr. A with patient's name and email/phone number, correct?

    Yes, you pre-populate field values so Dr. A will see the the names, email etc. automatically populate https://www.jotform.com/help/71-Prepopulating-Fields-to-Your-JotForm-via-URL-Parameters.

    2) If the patient's info is sent direct to the provider, does the PHI remain HIPAA-compliant?


    HIPAA information will remain protected on Jotform's end. If you are trying to redirect the information on a 3rd party source, Jotform wouldn't  have any control over that. 

    Clarify the process on how the information will be sent and from where?

    3) must the lead go to Dr. A's Google Drive where Dr. A can view the information and use it to connect to the potential patient?

    Yes. You can integrate it with Google Drive https://www.jotform.com/help/192-How-to-Integrate-a-Form-with-Google-Drive 

    4) If I direct the form info to go direct to Dr. A, can I get an email or submission to MY Google Drive so I an track the leads I generate for Drs. A, B, C and so on?

    Yes

    5) When potential patient clicks submit, can the form's info, now PHI, be sent direct to the provider's email, the provider to whose ad the person responded.

    Yes. You can use autoresponder https://www.jotform.com/help/26-Setting-up-an-Autoresponder-Email 

    6) If for some reason, I want to collect the data for a Drs A, B, C, etc., in MY HIPAA-compliant Google Drive (I have a BA agreement so my Google Drive is HIPAA-compliant) and then send them to the drs. does that remain HIPAA-compliant? (I think so based on my conversation with Google G-Suite Support)

    Yes

    7) Under the Silver Plan, it says I am limited to 100 forms. Does that mean that using JF, I can collect leads for 100 practitioners, each using a single form for one Dr. that I design within JF. 

    Yes 

    8) does the 100 form limit mean the number of forms I can create and use within my account?

    Yes. Check the account usage for more information https://www.jotform.com/help/408-Understanding-Your-Account-Usage-and-Limits.

    9) Anything else I need to understand or do to maintain HIPAA-compliance for leads I generate via ads using Jotform?

    Once the account is moved to Jotform's dedicated HIPAA server, all submissions and data should now be HIPAA compliant. No other actions needed from your end.

    You can read more from our HIPAA compliant page here https://www.jotform.com/hipaa/.

    For other questions, please let us know.