What is JotForm?
JotForm is a free online form builder which helps you create online forms without writing a single line of code. No sign-up required.
At JotForm, we want to make sure that you’re getting the online form builder help that you need. Our friendly customer support team is available 24/7.
We believe that if one user has a question, there could be more users who may have the same question. This is why many of our support forum threads are public and available to be searched and viewed. If you’d like help immediately, feel free to search for a similar question, or submit your question or concern.
PLEASE consider offering a Business Associate Agreement (BAA)Asked by maetheridge on August 19, 2016 at 08:28 PM
I have created some beautiful medical forms through Jotform that I would like to offer on my website for patients to use, but unfortunately I cannot because Jotform does not offer the required Business Associate Agreement (BAA) that allows me to be in compliance with federal HIPAA laws. A BAA is required to be in place before a medical practitioner can use your forms for patient data.
I know what you're thinking: just use the encrypted version, and we will never have access to your patients' data at all and so your patients' information is completely secure. That makes total sense, but HIPAA requirements do not care that the data is encrypted before it gets to Jotform's servers. A BAA must be in place by law no matter if the data is encrypted or not.
An increasing number of online technology providers are offering BAA's for their customers, including Google, Hushmail, and many, many others. A BAA simply says that you agree to keep data secure and not disclose it. Here is some useful information directly from the federal government's Health and Human Services Department about BAA's:
PLEASE consider adding the option of a BAA to Jotform's services so that I can use my forms on my website and be HIPAA compliant! Otherwise, I am forced to choose a different form builder company, and my forms will be inferior.
I have elevated your request to my higher ups for proper review. We will notify you here for response and update on the status.
Thank you. Could you please provide me with an update on this question?
Our higher ups were already able to see your suggestion/request. It was now flagged as a requested feature.
But I would like to let you know that you should not get your hopes to high if this request will be updated soon.
Currently it was assigned with lower priority. It must have been due to reason that there were more feature or bugs in the Form Builder that were given much higher imporatance and priorty for this request.
It would take an attorney 15 minutes to make a BAA. Please do it.
JotForm Support Manager
We can only guide the users on how to make forms compliant with HIPAA requirements. Probably in the near future, Jotform will be fully HIPAA compliant. However, it is not possible to sign a BAA for now.
I'm sorry, Jeanette, that is not correct. HIPAA requires a BAA between the healthcare professional and the company that has access to their data, even if it is in an encrypted format. Therefore, there is no way for a healthcare provider to legally use the Jotform forms in a HIPAA compliant manner until Jotform agrees to offer a BAA to its users.
I will be very glad when Jotform adds a BAA option to its service. I have a feeling you will get a lot more paid subscribers once that happens!