Business Assoc Agreement (BAA) for HIPAA compliance?

  • Asked on February 12, 2015 at 03:21 PM


    I would like to use JotForm for patient registration forms and consent forms to be filled out online. I have looked at others such as IntakeQ and LuxSci. So far, LuxSci has mentioned that JotForm is non-compliant with HIPAA policies.

    I've read the link back in 2010 suggesting that JotForm can be used in a secure HIPAA compliant way. I agree with the safeguards. But, isn't BAA also necessary for HIPAA compliance in the US?


    Thank you.

  • Answered on February 12, 2015 at 05:32 PM

    Update (April 19, 2018): HIPAA is available for our Gold & Silver plans.


    JotForm certainly complies with the technical safeguard section of the HIPAA security rule:

    However, we have no compliance certificate for either HIPAA or BAA.

    Please read this thread, where I provided a more condensed explanation.


  • Answered on April 13, 2018 at 11:26 AM

    Great news! JotForm now offers HIPAA compliance. This means users in the healthcare industry can use JotForm to collect sensitive patient information through consent and onboarding forms, medical history updates, online bill payments, and prescription refill requests. 

    HIPAA-compliant forms require a Gold pricing plan, which is only $99 a month, or a Silver pricing plan, which is $39 a month. A business associate agreement (BAA) is also available upon request.

    For more information about our HIPAA-compliant forms, visit

  • Answered on April 19, 2018 at 04:22 AM

    Update: HIPAA is available for the Silver plan as well.