questions regarding the security of our data

  • Profile Image
    Asked on July 24, 2015 at 02:58 PM



    Quick question, if I'm creating forms for Patient Intake process; is the SSL security setting enough to protect the information or do I need to utilize this encryption option as well?





    This is a re-post of a comment on Encrypted Forms and How to Use Them

  • Profile Image
    Answered on July 24, 2015 at 03:44 PM

    Update (April 19, 2018) HIPAA is available for our Gold and Silver plans. 


    SSL should be enough to protect your users as long as you are deleting the submissions once you collect the data from your account.  Here is a bit more in depth guide on using JotForm in a HIPAA compliant manner:

    When collecting sensitive data, it never hurts to use more security.  Keep in mind though, if you lose your encryption key, you will lose the data associated with it. Which is why I am hesitant to recommend the encryption feature.

    If you have any further questions, let us know and we will be happy to help.

  • Profile Image
    Answered on April 21, 2017 at 02:50 PM

    I know this is an old post. Though I would like to Mention with HIPAA compliance that SSL is not good enough. If you are using patient information you must have it encrypted when transferred even with SSL.

  • Profile Image
    Answered on April 13, 2018 at 10:03 AM

    Great news! JotForm now offers HIPAA compliance. This means users in the healthcare industry can use JotForm to collect sensitive patient information through consent and onboarding forms, medical history updates, online bill payments, and prescription refill requests. 

    HIPAA-compliant forms require a Gold pricing plan, which is only $99 a month or a Silver pricing plan, which is $39 a month. A business associate agreement (BAA) is also available upon request.

    For more information about our HIPAA-compliant forms, visit

  • Profile Image
    Answered on April 19, 2018 at 04:18 AM

    Update: HIPAA is available for the Silver plan as well.