Does JotForm have any plans to be FERPA compliant?

Also, does JotForm have any plans to be Family Educational Rights and
Privacy Act (FERPA) compliant? I'm aware you are HIPAA compliant, however,
it would ease the concerns of our stake holders and those responsible for
the confidentiality of student records.

Update (April 19, 2018) HIPAA is available for our Gold & Silver plans. https://www.jotform.com/hipaa/ 

Unfortunately, we cannot provide any timeframe to become JotForm as FERPA complaint. Also, JotForm is currently not holding any compliance certificates with HIPAA. However, we can use JotForm in HIPAA compliant way. Please refer to this thread for more information on HIPAA complaint.

Also, JotForm is  PCI DSS compliant. We have PCI Service Provider Level 2 certificate. You may also check our privacy and terms of use page.

Hope this information helps! 

Thank you!
...

Additional questions per my Vise President:
- Does your platform provide Data masking?
- Data Validation?
- Is it possible to keep records of replies to senders of submissions?
- Inquiring to know if it is possible to setup a 30 day trial of your
silver package in order to have other departments (sub-account
users) within our institution test and provide input. If not, is there a
refund policy if it turns out this solution doesn't meet our needs?
We appreciate your cooperation and patience,
Phillip
...

Data Masking: I don't think we have this. If it is to protect the user's data then nothing to worry about it as we are secure. Security is one of the key features in our platform. Forms are all secured by default. For added security, we have the encryption feature.

https://www.jotform.com/help/344-What-are-Encrypted-Forms-and-how-to-use-them-as-expert

 

Data Validation: We have a few tools for data validation. For email address, we have the following:

Email validator widget: http://widgets.jotform.com/widget/e-mail_validator

Field confirmation widget: http://widgets.jotform.com/widget/field_confirmation

xVerify Emai: http://widgets.jotform.com/widget/xverify_email.

 

For address, we have SmartStreets widget: http://widgets.jotform.com/widget/smartystreets.

 

Keeping records: I'm not sure if I understand this. But all submissions are stored in our servers. But we have this Total Submissions Storage limit. Free accounts can only store up to 500 submissions, paid accounts are unlimited. If you are on the paid plan, we won't delete any submissions unless you decided to do so. 

 

30-day trial: We don't offer such, but we offer a 30-day money back guarantee. You may consider subscribing, we can refund the payment if the company will decide not to use Jotform. But we'll appreciate any feedback just in case. We will also try to provide a workaround if something's not yet possible. 

 

I hope that answers the questions. Should you need any further information, please do not hesitate to contact us again.

Great news! JotForm now offers HIPAA compliance. This means users in the healthcare industry can use JotForm to collect sensitive patient information through consent and onboarding forms, medical history updates, online bill payments, and prescription refill requests. 

HIPAA-compliant forms require a Gold pricing plan, which is only $99 a month or a Silver pricing plan, which is $39 a month. A business associate agreement (BAA) is also available upon request.

For more information about our HIPAA-compliant forms, visit www.jotform.com/hipaa. 

Update: HIPAA is available for the Silver plan as well.

Hi pesparza,

I’d like to update you that now Jotform Enterprise complies with FERPA requirements. Enterprise customers can also request to have their servers provisioned in our SOC 2-compliant environment. This allows you to deploy custom forms and apps on our hosted platform on systems secured and managed by Jotform that are compliant with these controls. You can visit this page to learn more about Jotform and FERPA.

If you have any questions, let us know.