- hwaters Asked on July 22, 2015 at 08:39 PM
I hate thinking it will be sent to a server I am not familiar with and that potential medical information could no longer be private. Is there an encryption option? Or, even better, a direct push to my private email to bypass storage server risk?
- Charlie Answered on July 23, 2015 at 02:54 AM
Update (April 19, 2018): HIPAA is available for our Gold and Silver plans.
Unfortunately, all the initial submission data will be stored in our data centers. However, you have an option to delete them and they will be permanently gone from our servers, which means that action is irreversible.
As another option, you can directly push the submission data to your server using FTP. Here's a guide on that: http://www.jotform.com/help/177-How-to-Enable-FTP-on-Form-Submissions. But you need to have at least a file upload field in the form itself. You can also integrate your form with other file storage systems like Dropbox and Google Drive, although I'm not sure if that is something you are considering.
Here is some security info that our founder shared with us:
- We have bug bounty programs where we pay outside parties for reporting vulnerabilities in our system.
- Our servers are protected by private networks and constantly updated.
- Our system administrators have a collective 40+ years of industry experience.
- Our development team is encouraged to follow best security practices.
- All data transfers are made over a 256-bit SSL secure connection.
- Our servers are located in SSAE16 audited facilities.
You can also use SSL-enabled forms. Here's a guide on that: http://www.jotform.com/help/63-How-can-I-receive-SSL-Submissions
For medical information, I assume you are looking for HIPAA compliance? Here's some info regarding JotForm and HIPAA: http://www.jotform.com/answers/333046-is-JotForm-HIPAA-Compliant
Our developers also released a new feature, the "Encrypted Forms". You can learn more about it in this blog post: http://www.jotform.com/blog/162-Introducing-Encrypted-Forms-The-Ultimate-in-Online-Form-Security.
I hope that somehow this helps.
- JotForm Support Rose Answered on April 13, 2018 at 10:03 AM
Great news! JotForm now offers HIPAA compliance. This means users in the healthcare industry can use JotForm to collect sensitive patient information through consent and onboarding forms, medical history updates, online bill payments, and prescription refill requests.
HIPAA-compliant forms require a Gold pricing plan, which is only $99 a month, or a Silver pricing plan, which is $39 a month. A business associate agreement (BAA) is also available upon request.
For more information about our HIPAA-compliant forms, visit www.jotform.com/hipaa.
- JotForm Developer Scott Answered on April 19, 2018 at 04:22 AM
Update: HIPAA is available for the Silver plan as well.