- drlachmanAsked on December 16, 2013 at 09:46 AM
Like the psychologist who submitted a question. I would like to have my patients submit their intake forms in a scanned document and upload it through jotform. You told this other practitioner to use a password to protect this and then it would be HIPPA compliant. I looked all through the site and can't seem to find how to do this. Thank you for your great application.
- JotForm Supportardy0689Answered on December 16, 2013 at 12:13 PM
Maybe what you are mentioning is the Password protection on the reports and not on the form. You should Password protect your reports:
Whatever type of report, you will have the ability to set a password.
If you need further assistance, please do not hesitate to ask. Thank you
- drlachmanAnswered on December 16, 2013 at 12:20 PM
On your reply below, you state that you can use a password to protect an upload. Is this the case? If so, where do I go for this? Thank you very much.
Answered by aytekin on August 05, 2010 at 08:46 AM
Yes, it is possible to use JotForm in a HIPAA compliant way. Our servers already match all criteria since we already care a lot about the security. However, some features of our application is not HIPAA compliant so if you refrain from using those features, I think you should be fine.
1. Always use SSL (https) version of JotForm site on your browser. Use "https://www.jotform.com" to login to your account, create your forms, look at your submissions and link to your forms.
2. Edit emails on all forms to make sure no specific information is used on them. We send emails in plain text. So, they are not secure. Only use emails to get alerts to know there is a new submission. Once you receive an email alert, log into the secure JotForm site and then look at the user
3. Do not use Reports feature. Since the report URLs are not password protected.
3. If you use the Reports feature only do it with password protection. That will both ask for a password and it will transfer all data over SSL.
4. Same for uploads. They are not password protected.
5. Logout immediate after you are done with the site.
6. Regularly download submissions and then delete them.
These are all I can think of right now. But if I think of anything else I will post it here.
Update: Reports now support password protection. So you can use them.
- JotForm Supportardy0689Answered on December 16, 2013 at 01:51 PM
I apologize for the confusion. However, we do not have a password-protection feature for uploading files as stated on #4. Same for uploads. They are not password protected. You should refrain from using features that may not be HIAA complaint such as the upload field.
It can probably useful to add a normal textbox field that gets the URL of the uploaded field from some 3rd party service that offers password protection on their links. This is way, you do not need to upload but instead get their uploaded links with their own password or probably a Google drive link that you will need to request an access into. If you need further help, please do not hesitate to ask. Thank you