Are JotForms HIPAA compliant?

  • Profile Image
    Asked on January 14, 2015 at 11:01 AM

    Hi there,

    I am contacting you on behalf of a therapist I know. We are looking for a way to collect patient intake information while being HIPAA compliant. Could you confirm (yes or no) if any level of your services are HIPAA compliant?

    Thanks for your time!

  • Profile Image
    Answered on January 14, 2015 at 01:15 PM

    We do not have a HIPPA compliant certificate but it is possible to use Jotform in HIPPA compliant way if this recommendations are followed:

    1. Always use SSL (https) version of JotForm site on your browser. Use "" to login to your account, create your forms, look at your submissions and link to your forms.

    2. Edit emails on all forms to make sure no specific information is used on them. We send emails in plain text. So, they are not secure. Only use emails to get alerts to know there is a new submission. Once you receive an email alert, log into the secure JotForm site and then look at the user 

    3. If you use the Reports feature only do it with password protection. That will both ask for a password, and it will transfer all data over SSL.

    4. Same for uploads. They are not password protected.

    5. Logout immediately after you are done with the site.

    6. Regularly download submissions and then delete them.

    You can see here more details on this subject.
    If you need further support please let us know.