Inquiry Regarding Information Security Disposition

Hello,

I notice that your website has a collection of information security documentation that demonstrates Jotform's information security posture well. However, we want to try to use Jotform's free service to pilot our third party questionnaire form for a health system. Input on the third party questionnaire could include sensitive vendor information about perspective vendors (however, no PHI would ever be on it). Could you please elaborate on the security features we would benefit from by utilizing Jotform's free form services?

Hi Kyle,

Thanks for reaching out to Jotform support. I understand you want to know more about the security Jotform offers.

Jotform's security covers all accounts meaning, even if you're using a free account, you can rest assured that the data you collect is secured. All forms created within Jotform are served across a protected 256-bit SSL (Secure Socket Layer) connection that uses a SHA256 Certificate. This is the same level of protection used by online banking or e-commerce providers. All our data centers hosting our servers have the highest compliance with security standards. Our primary platform is Google Cloud - it complies with SSAE16 / ISAE 3402 Type II, SOC1, SOC2, SOC3, ISO 27001, ISO 27017 (Cloud Security), ISO 27018 (Cloud Privacy), PCI DSS v3.2, and HIPAA.

We are the first and only form builder with PCI DSS Service Provider Level I compliance, the highest security attainment you can have as a business that collects payments from and integrates with credit cards. You can read more about our security features here.

You can contact our Security team and send the questionnaire using this form.

Please feel free to let us know if you have other questions.