- ctabor1Asked on February 01, 2012 at 04:28 PM
What is that used for... Or what is it typically used for? And how/when do you use it?
Does it keep info private that people fill out on your form?
ALSO, is it the same thing as SSL?
I noticed when I created a password protected report... that the https has a line through it.
I don't think that has anything to do with the question I asked...
But does that mean your "secure" is not really secure?
- fxrAnswered on February 01, 2012 at 04:42 PM
Secure forms are used for transmitting sensitive data between a client PC and a server. It means the data is encrypted and cannot be intercepted by a 3rd party.
Yes, SSL is the transport layer that provides the encryption.
Yes, when you see a strike through the https, this means the page contains at least one element that isnt on a secure server, possibly an image or if the report is embedded in a webpage , the website hosting the report may not be on a secure server.
Hope that helps.
- ctabor1Answered on February 01, 2012 at 05:08 PMThanks…
So if I just select “secure” on the embed page prior to putting the form on the site, or if they go to the link, etc., then their info is protected?
The reason I ask is because it is a medical intake form.
Can someone tell when they fill it out, that it is secure, or should I put some copy on the form indicating that it is?
Or do you have an image that demonstrates that automatically?
- fxrAnswered on February 01, 2012 at 05:24 PM
Yes, clicking the 'secure' checkbox in the Embed form options will provide you with a URL for your form which makes use of a secure JotForm server.
The data transmitted with this form will then be encrypted between client and server, the data is 'protected' from any prying eyes that may be out there.
If you provide someone with a secure URL for your form, their web browser will report the webpage/form as being 'secure', different browsers report this status differently e.g on Chrome:
Not all web users will be savvy enough to know to look for that information, so it probably is worth making them aware of it somewhere on the form.
Our developers are currently working on an option where users who are making use of secure form URLs will be able to enable a 'Security Seal', an image that shows the secure nature of the form, but it isnt quite ready for release yet.
- ctabor1Answered on February 01, 2012 at 05:45 PMDoes this feature work for an free, not premium account also?
- fxrAnswered on February 01, 2012 at 05:55 PM
Yes, the only difference is the submission limits.
FREE: 10 SSL submissions per month
PREMIUM: 1000 SLL submissions per month
- ctabor1Answered on February 01, 2012 at 06:46 PMDo you know if the secure form would be in compliance with HIPAA requirements – if in fact, they apply in this situation?
(Patient intake health history form)
- JotForm SupportMike_TAnswered on February 01, 2012 at 07:23 PM
It is possible to use JotForm in a HIPAA compliant way. Please take a look at the following thread:
- ctabor1Answered on February 02, 2012 at 08:27 AMThanks, that is very helpful…
However, is there a way to allow for downloads and viewing of the submission(s), without giving full access to jotform?
I don’t want the client to inadvertently change the form or mess anything up.
What are some solutions?
- ctabor1Answered on February 02, 2012 at 08:56 AMWhoops… forgot to ask…
The thread says to log INTO jotform using https... to create the form.
What if the form is already created?
Can I log in https… and make an edit and then it will change its level of security?
I’m not sure I understood that part.
- fxrAnswered on February 02, 2012 at 10:08 AM
"However, is there a way to allow for downloads and viewing of the submission(s), without giving full access to jotform?"
You can generate password protected reports but there is no way, at this time, to display them over a secure connection.
Please continue to create ALL your forms on http://www.jotform.com .
When you create any form on JotForm, the secure version is automatically generated on https://secure.jotform.com. All that is you need to do is change is the URL that you distribute, a secure URL or a non-secure URL.
Every form on JotForm has a unique ID. its an 11 digit number. You can just use this number to find the secure URL of your form.
e.g; say I have a form: http://form.jotform.com/form/20035308820
Its unique ID is 20035308820.
To find the secure version of that form. I only need to add that ID onto https://secure.jotform.com/form/
So, my secure URL for the above form is https://secure.jotform.com/form/20035308820
Thats ALL you need to do to use a secure URL for ANY form.
Hope that helps clarify things.
- ctabor1Answered on February 02, 2012 at 10:51 AMIs it secure when embedded?
- fxrAnswered on February 02, 2012 at 11:11 AM
It still technically is, but if you have it embedded on a non-https: webserver, the page wont report as being secure.
To inspire complete confidence in your forms users, you may be best linking people to the forms' JotForm URL from your website .
- sourapplerepairAnswered on August 18, 2013 at 02:04 PM
I was doing some research on this same topic and wanted to add, it probably is not such a wise idea to use it embedded on a non-https domain or page for SSL's lack of any ability to do anything about man-in-the-middle type attacks in such cases.
this means, it is possible for he who has the technical ability, to inject a 3rd party code to your page and be able to capture all the data in plain text before your data is actually at "client" end which would be your actual jotform url. so data > your site > man in the middle script > then jotform ssl > encryption > your protected data transfer > your email, database, whatever.
and as suggested, try to use the pop up version of the form so it loads the jotform, and there you can display a secured by ssl seal, get https, and put a little explainer that this is your provider. jotform also now offers its own full source code server license which you can host on any domain you want, so it will look like this https://www.upstreampehr.com/123456342formid
hope this helps all othes who may come here like me look after ssl or hippa info on jotform
- JotForm SupportjonathanAnswered on August 18, 2013 at 04:18 PM
Hi, thank you for sharing these information.
Feel free to contact us again anytime for any other concern.