HIPPA compliance upgrade

  • nathanaelsinger
    Asked on March 15, 2021 at 5:15 AM

     I would like to know how much does it cost to make our account HIPPA compliance and how long does the process takes.

    Also I wanted to know if we can have it all all of the subscription plans.


    Best,


    Nathanael

  • Jovanne JotForm Support
    Replied on March 15, 2021 at 9:05 AM

    Hi Nathanael, thank you for contacting support.

    You can subscribe to our Silver or Gold plan to enable the HIPAA feature on your account. There is no additional cost to enable HIPAA.

    Please refer to this guide on how to upgrade your account to HIPAA once you are subscribed to the Silver or Gold plan:

    GUIDE: how-to-upgrade-to-hipaa-compliance

    I hope this helps. Let us know if you have further questions.

  • nathanaelsinger
    Replied on May 10, 2021 at 4:00 AM

    Hi,

    no it's not.

    i was referring to the BAA that i need to sign in order to enable the account


  • Richie JotForm Support
    Replied on May 10, 2021 at 8:26 AM

    Hello, I have checked your account subscription and you're on the Silver plan which is eligible to upgrade to to HIPAA .

    Once your account is under HIPAA, a BAA would be sent to your account.

    For more information, kindly check this guide:https://www.jotform.com/help/500-how-to-upgrade-to-hipaa-compliance

    Let us know how it goes.

  • nathanaelsinger
    Replied on May 10, 2021 at 8:40 AM

    Hi

    i have no problem understanding that i need to sign the BAA in order to enable the HIPPA account.

    my question is legal and refer to the BAA itself.

    is there anyone from the legal department that can answer this question?

    best,

  • Jovanne JotForm Support
    Replied on May 10, 2021 at 9:47 AM

    Hi,

    Here's a snippet about BAA on this page.


    "According to the HIPAA Security Rule, a BAA establishes “national standards to protect individuals’ electronic personal health information that is created, received, used, or maintained by a covered entity.”

    Essentially, the BAA is a formal agreement between two organizations — a “covered entity” and a “business associate” — stipulating that both will maintain the security, privacy, and integrity of patients’ health data or their protected health information (PHI)."


    If you have some queries about its legalities, I would recommend consulting with your lawyer.

    Thank you

  • nathanaelsinger
    Replied on May 12, 2021 at 6:21 AM

    I have consulted my lawyer, and that's is the reason why i have sent this question. so could you please ask some one from the legal team to have a look and tell me whether it is mandatory to export the data, and specifically HPI, after the term of the agreement or at any point earlier.

    In other words, what happens if we decide not to export, share or transfer this data, and in particular PHI. 

    i am referring to sections 2.7.2 (Data Export) and 2.7.3 (Data Sharing). 


    Best,

  • Anita_K
    Replied on May 12, 2021 at 12:01 PM

    Hi,

    thank you for specifying. I will forward your request.

    Please allow us some more time and we will get back to you on this.

  • nathanaelsinger
    Replied on May 18, 2021 at 2:43 AM

    Hi,


    Is there any update on the query ?

    Best,

  • Richie JotForm Support
    Replied on May 18, 2021 at 4:29 AM

    The ticket has been forwarded already to our back-end team for further information. However, updates are not available as of the moment.

    Once we have further information, you will be notified.

    Thank you.

  • nathanaelsinger
    Replied on May 26, 2021 at 7:34 AM

    Hi, it's been over a week and i haven't go a reply from your legal team.

    could you make sure to figure it out by the end of the week please?

    Best,


    Nathanael

  • Anita_K
    Replied on May 26, 2021 at 8:41 AM

    Hi,

    we apologize for the inconvenience. Please note that this is handled with important priority. We will let you know as soon as we have an update.

  • nathanaelsinger
    Replied on July 25, 2021 at 5:13 AM

    Still no answer ??? that's not important priority

  • Patrick_R
    Replied on July 25, 2021 at 9:19 AM

    Hello Nathanael,

    I've relayed your message personally to the assigned team. Once there is an update, we'll let you know via an email under this thread.

    Thank you for your patience.

  • nathanaelsinger
    Replied on September 5, 2021 at 2:19 AM

    Hi any update???

  • Patrick_R
    Replied on September 5, 2021 at 4:04 AM

    Hello Nathanael,

    I've relayed your message personally to the assigned team. Once there is an update, we'll let you know via an email under this thread.

    I would also say that the terms that you're seeing are final and can't be changed. Also, can you please elaborate a bit more about your actual query? I am not sure about the context of your question, export where?

    "In other words, what happens if we decide not to export, share or transfer this data, and in particular PHI."

    As far as I can tell, PHI fields are protected, we don't pass these anywhere to non-HIPAA services (in case of third party integrations and email alerts).

    Thank you!