More Healthcare Privacy Questions

The website mentions HIPPA compliance with the silver level.

Does this pricing level guarantee compliance with Canadian-equivalent regulations in all provinces?

Thanks!

Hello @ofEstate,

Thank you for contacting JotForm Support.

Please note that PHI in Canada is regulated by PIPEDA which is actually different from HIPAA. PIPEDA regulations seem to be stricter than HIPAA and require the data to be stored in Canadaian servers only. Learn more here: https://medipense.com/en/hipaa-vs-pipeda-mandatory-protection/

JotForm currently only offers HIPAA compliant servers that store the data in US-based servers and this will not meet PIPEDA requirements. For more information on JotForm's HIPAA compliance, please refer to the following web page: https://www.jotform.com/hipaa/

Please let us know if you have any further questions or concerns, we are happy to help.

As per: https://vsee.com/blog/hipaa-canada-health-information-privacy/

There is a provincial level act in Ontario where we operate, the Personal Health information Protection Act, 2004(PHIPA) that I believe is closer in equivalence to HIPPA.

My understanding is that regulated health professionals operating in Ontario can use that legislation to guide them in handling Client information.

Is there any other aspect of your services at the Silver level (other than out-of-country storage which is not an issue under PHIPA) that would be of concern in terms of equivalent Ontario-specific legislation?

Hi there,

Unfortunately, JotForm is not PHIPA Ontario compliant. We only have HIPAA compliant for protecting health information. Upon checking the internet, it shows that PHIPA differs from HIPAA in several aspects. PHIPA imposes a number of requirements that HIPAA does not.

For more information about HIPAA, kindly check this link below.

https://www.jotform.com/hipaa/

If you want to JotForm without HIPAA compliance, you may check our security page for the other security features.

https://www.jotform.com/security/

Thank you.