What is JotForm?
JotForm is a free online form builder which helps you create online forms without writing a single line of code. No sign-up required.

At JotForm, we want to make sure that you’re getting the online form builder help that you need. Our friendly customer support team is available 24/7.

We believe that if one user has a question, there could be more users who may have the same question. This is why many of our support forum threads are public and available to be searched and viewed. If you’d like help immediately, feel free to search for a similar question, or submit your question or concern.

  • Profile Image

    Are your new forms HIPAA compliant?

    Asked by David Straight  on July 23, 2015 at 10:58 AM

    I'd like to collect patient intake information from my website but as a health provider, I need a hipaa compliant form.


    I look forward to your answer and hope they are :-)


    David Straight

  • Profile Image

    Answered by Sammy on July 23, 2015 at 12:54 PM

    At the present jotform does not hold a HIPAA Compliance Certificate, however we are technically compliant in terms of data protections.

    We provide high grade SSL encryption for data transfer over the web and we also recently introduced the form encryption feature

    To be compliant to the HIPAA rules in your form you can ensure the following features are implemented

    1. Always use SSL (https) version of JotForm site on your browser. Use "https://www.jotform.com" to login to your account, create your forms, look at your submissions and link to your forms.

    2. Turn on form encryption to allow the encryption of form data



    3. Edit emails on all forms to make sure no specific information is used on them. We send emails in plain text. So, they are not secure. Only use emails to get alerts to know there is a new submission. Once you receive an email alert, log into the secure JotForm site and then look at the user (if you use form encryption email alerts wont be sent)


    4. If you use the Reports feature only do it with password protection. That will both ask for a password, and it will transfer all data over SSL.


    5. Logout immediately after you are done using the site to reduce the likelihood of someone having access to your account and its data on the same computer.


    6. Regularly download submissions and then delete them.