- wvaldesAsked on October 31, 2016 at 08:16 AM
Got half the answer in the FAQ section but still need to verify data sovereignty. Also, the form questions provide answers about HIPAA but there are a few other rules like the HITEC which have required breach notification rules. Many require a Business Agreement to be in place so does Jotforms offer this to healthcare entities?
I did see that you offer not only encryption "in flight" but also the option to encrypt on the server if the user selects ... very nice.
-- -- -- Prior question:
Great tool. Context of the questions: Using Jotform for healthcare
1. Where is the form data stored? Is that storage guaranteed to be in the US (data sovereignty rules) and HIPAA compliant encrypted transmission?
2. If not, can the data be redirected to a HIPAA compliant server? Amazon, Azure, and Google all offer HIPAA compliant cloud options as do many others.
- KadeJMAnswered on October 31, 2016 at 11:15 AM
It seems to me that you have some concerns involving our Hippa Compliance for encryption and security reasons so this has made you question it some and we would be more than happy to clarify.
What sort of Business Agreement are you referring to if you don't mind us asking more? Usually compliance is non-written so long as you agree to comply with the terms in most cases and generally we do not usually sign anything for these cases as far as I knows since there's been no need for it.
As for your prior questions even though related that's a different subject that I have moved to this new thread to answer separately.
- KadeJMAnswered on October 31, 2016 at 11:20 AM
Additionally, this thread here https://www.jotform.com/answers/333046-is-JotForm-HIPAA-Compliant should help to answer more about our Hippa Compliance.