Does JotForm have any plans to be FERPA compliant?

  • Profile Image
    Asked on October 06, 2016 at 01:54 PM
    Also, does JotForm have any plans to be Family Educational Rights and
    Privacy Act (FERPA) compliant? I'm aware you are HIPAA compliant, however,
    it would ease the concerns of our stake holders and those responsible for
    the confidentiality of student records.
  • Profile Image
    Answered on October 06, 2016 at 02:13 PM

    Update (April 19, 2018) HIPAA is available for our Gold & Silver plans. 

    Unfortunately, we cannot provide any timeframe to become JotForm as FERPA complaint. Also, JotForm is currently not holding any compliance certificates with HIPAA. However, we can use JotForm in HIPAA compliant way. Please refer to this thread for more information on HIPAA complaint.

    Also, JotForm is  PCI DSS compliant. We have PCI Service Provider Level 2 certificate. You may also check our privacy and terms of use page.

    Hope this information helps! 

  • Profile Image
    Answered on October 06, 2016 at 03:44 PM
    Thank you!
  • Profile Image
    Answered on October 17, 2016 at 12:44 PM
    Additional questions per my Vise President:
    - Does your platform provide Data masking?
    - Data Validation?
    - Is it possible to keep records of replies to senders of submissions?
    - Inquiring to know if it is possible to setup a 30 day trial of your
    silver package in order to have other departments (sub-account
    users) within our institution test and provide input. If not, is there a
    refund policy if it turns out this solution doesn't meet our needs?
    We appreciate your cooperation and patience,
  • Profile Image
    Answered on October 17, 2016 at 02:07 PM

    Data Masking: I don't think we have this. If it is to protect the user's data then nothing to worry about it as we are secure. Security is one of the key features in our platform. Forms are all secured by default. For added security, we have the encryption feature.


    Data Validation: We have a few tools for data validation. For email address, we have the following:

    Email validator widget:

    Field confirmation widget:

    xVerify Emai:


    For address, we have SmartStreets widget:


    Keeping records: I'm not sure if I understand this. But all submissions are stored in our servers. But we have this Total Submissions Storage limit. Free accounts can only store up to 500 submissions, paid accounts are unlimited. If you are on the paid plan, we won't delete any submissions unless you decided to do so. 


    30-day trial: We don't offer such, but we offer a 30-day money back guarantee. You may consider subscribing, we can refund the payment if the company will decide not to use Jotform. But we'll appreciate any feedback just in case. We will also try to provide a workaround if something's not yet possible. 


    I hope that answers the questions. Should you need any further information, please do not hesitate to contact us again.

  • Profile Image
    Answered on October 18, 2016 at 02:44 PM
    Could you please provide the following for our business department:
    - Contact number
    - fax number
    Our business manager will need this information in order to process for
    Thank you - Phillip
  • Profile Image
    Answered on April 10, 2018 at 07:30 AM

    Great news! JotForm now offers HIPAA compliance. This means users in the healthcare industry can use JotForm to collect sensitive patient information through consent and onboarding forms, medical history updates, online bill payments, and prescription refill requests. 

    HIPAA-compliant forms require a Gold pricing plan, which is only $99 a month or a Silver pricing plan, which is $39 a month. A business associate agreement (BAA) is also available upon request.

    For more information about our HIPAA-compliant forms, visit

  • Profile Image
    Answered on April 19, 2018 at 07:37 AM

    Update: HIPAA is available for the Silver plan as well.