How does HIPAA compliance affect mutliple user access

  • Profile Image
    TrinityIT
    Asked on March 09, 2020 at 01:43 PM

    Hello,

    We're a school and we're looking to potentially further our security by moving our account to a HIPAA compliant one.  The additional security described would make us feel more comfortable especially since we collect sensitive data that falls under FERPA and GLBA compliance requirements.

    Currently I've given access to the main school account to several other users so they can make forms for their own department's needs as well.  How does moving to a HIPAA compliant account affect my ability to share with other free user accounts? 

    I could not find the answer in the FAQ or User Guide on HIPAA.  And the Sub-user account page said the feature had been discontinued back in 2018 I am guessing we got grandfathered in. 

    So yeah, before jumping into getting the account secured properly, I'm curious how becoming a HIPAA account will work with current sub-user accounts.

  • Profile Image
    Welvin
    Answered on March 09, 2020 at 05:02 PM

    Thank you for contacting us.

    The sub-users are kept for you. However, they'll become restricted from viewing your form submissions since they are not HIPAA compliant. They can still preview and edit forms, but they won't be able to see options such as PHI fields. 

    https://www.jotform.com/help/518-How-to-set-PHI-fields-on-your-forms

    Our sub-user feature does not carry the paid subscription of the main account. The sub-users are separate account and is only based on permissions, view or edit or both.

    The only way to give access to the form data would be to integrate your forms with Google Sheet and sharing each Google sheet link to the team/sub-users. 

    Thank you and I hope that clarifies your question.