PHIPA & Jurisdictional Compliance

  • Profile Image
    Asked on December 06, 2021 at 11:41 PM

    Hello Jotform,

    I've been asked to complete a Jotform that includes personal and private health information.

    Are your services PHIPA compliant with data physically stored exclusively only in Canada?


  • Profile Image
    Answered on December 07, 2021 at 12:59 AM


    Thank you for contacting us.

    PHIPA is similar to HIPAA in many aspects. However, PHIPA contains several requirements that HIPAA does not. 

    Under HIPAA, covered entities are required to report unsafe health information breaches if they affected 500 or more people. On the other hand, under PHIPA, the requirement to report a breach is stricter. 

    Jotform provides HIPAA-compliant forms and a business associate agreement (BAA) so your organization can collect health information safely and securely. 

    Therefore a ticket regarding this has been created and escalated to our developer team. Unfortunately, we cannot provide an ETA on the feature requests; however, we will inform you on this thread if they have any updates.

    If you need further assistance, please let us know.