Security of forms in free version

  • Profile Image
    Asked on February 22, 2021 at 10:40 PM

    hi there, one of our health care contractors uses the free form of Jotform for patients to submit health data. She has had a complaint from a client who, upon submitting his completed form, received a plain text copy with the confirmation. He is outraged that this plain text copy was emailed back to him and says it cannot be secure. i am inclined to agree with him and would appreciate your clarification on how this has happened? This is his complaint:

    To be clear, my entire medical history I supplied is now in plain text in:
     1. The practitioners Gmail inbox 2. In my inbox 3. In archival/backup storage at Google  4. In archival/backup storage at my Email Provider 



  • Profile Image
    Answered on February 23, 2021 at 04:59 AM

    Hi Sally,

    All your forms are served across a protected 256 bit SSL (Secure Socket Layer) connection that uses a SHA256 Certificate. This is the same level of protection used by online banking or e-commerce providers.

    We are the first and only form builder with PCI DSS Service Provider Level I compliance, the highest security attainment you can have as a business that collects payments from, and integrates with, credit cards.

    For more information you may refer to this security page:

    The email that your client received was the autoresponder that was created by the form owner.

    "Autoresponder is an email that your customer will receive to email that they typed in your form."

    I hope this helps.

    Let us know if you need further assistance.