What is JotForm?
JotForm is a free online form builder which helps you create online forms without writing a single line of code. No sign-up required.

At JotForm, we want to make sure that you’re getting the online form builder help that you need. Our friendly customer support team is available 24/7.

We believe that if one user has a question, there could be more users who may have the same question. This is why many of our support forum threads are public and available to be searched and viewed. If you’d like help immediately, feel free to search for a similar question, or submit your question or concern.


  • Profile Image

    HIPAA compliance and encryption

    Asked by wvaldes on October 31, 2016 at 08:16 AM

    Got half the answer in the FAQ section but still need to verify data sovereignty. Also, the form questions provide answers about HIPAA but there are a few other rules like the HITEC which have required breach notification rules. Many require a Business Agreement to be in place so does Jotforms offer this to healthcare entities?

    I did see that you offer not only encryption "in flight" but also the option to encrypt on the server if the user selects ... very nice.

    --  --  -- Prior question:

    Great tool. Context of the questions: Using Jotform for healthcare

    1. Where is the form data stored? Is that storage guaranteed to be in the US (data sovereignty rules) and HIPAA compliant encrypted transmission?

    2. If not, can the data be redirected to a HIPAA compliant server? Amazon, Azure, and Google all offer HIPAA compliant cloud options as do many others.

    Thanks, 

    Wes 

    encryption and JotForm form data FAQ
  • Profile Image
    JotForm Support

    Answered by KadeJM on October 31, 2016 at 11:15 AM

    It seems to me that you have some concerns involving our Hippa Compliance for encryption and security reasons so this has made you question it some and we would be more than happy to clarify.

    What sort of Business Agreement are you referring to if you don't mind us asking more? Usually compliance is non-written so long as you agree to comply with the terms in most cases and generally we do not usually sign anything for these cases as far as I knows since there's been no need for it.

    As for your prior questions even though related that's a different subject that I have moved to this new thread to answer separately.

  • Profile Image
    JotForm Support

    Answered by KadeJM on October 31, 2016 at 11:20 AM

    Additionally, this thread here https://www.jotform.com/answers/333046-is-JotForm-HIPAA-Compliant should help to answer more about our Hippa Compliance.