Jotform HIPAA accounts are served from an isolated HIPAA system. In that system, we are taking additional measures in addition to our normal practices to avoid even unintentional data breaches. When you enable HIPAA compliance features, all your data is migrated to the isolated HIPAA system which supports HIPAA guidelines.
You may create a new account or enable HIPAA compliance features from your existing Jotform account. Our upgrade wizard will help you with both cases, and in this guide, we will explain those steps.
The upgrade wizard can be initiated from your account’s Data page.
After clicking the Enable HIPAA Compliance button, the setup wizard will go through the following:
Enable HIPAA Compliance features
The upgrade wizard will first check your subscription type. We are offering HIPAA compliance features only for Gold subscriptions. You will see the following message if you don’t have a Gold subscription.
Verify Your Email Address
The upgrade wizard will check if you have verified your email address. If you have not already verified your email address, you will see the following message:
Set a Strong Password
HIPAA Compliance requires the use of strong passwords. The upgrade wizard will ask you to define a new password if you have a weak one, which will be your new password to log in to your HIPAA account.
The new password has to follow the HIPAA guidelines where your password must be different from your last 6 passwords and contain at least:
- 1 lowercase letter
- 1 uppercase letter
- 1 number
- 1 special character
- 8 characters
Data Transfer Consent
The setup wizard will ask for your consent to move your data to our HIPAA server, which provides high-level security.
Tick on the “I understand and agree” checkbox and the Next button.
In this step, the upgrade wizard will review all your forms for HIPAA compliance. To avoid any HIPAA compliance issues, Jotform will only allow widgets and integrations that help with HIPAA compliance in your forms. If the wizard detects any elements in your forms that are not suitable for HIPAA compliance, it will list them.
The setup wizard will show the following message if no issues are found.
Click the Next button to sign the Business Associate Agreement.
Sign a Business Associate Agreement (BAA)
Before the final migration process, you will be asked to sign Jotform’s Business Associate Agreement (BAA). Provide the required information and click Submit. BAA will be generated automatically with the information you have provided and will be sent to you via email once the HIPAA enabling operation is completed on your account.
The setup wizard will show a message that your forms and submissions are ready for migration.
Click the Start Migration button to proceed. This will trigger the automated migration process for your forms. Once the migration is completed, you will see the following screen showing the migration result.
You will also receive an email notifying you about the result of the migration. Jotform’s signed Business Associate Agreement (BAA) will also be attached to this email.
Congratulations! Your account, forms, and data are now enabled for HIPAA Compliance. The HIPAA Compliance badge is automatically added to your account and forms.
See also: How to Make Sure Your Forms Are Suitable for HIPAA Compliance.
After the migration (which went smoothly and was painless), all the links changed. If you have links to your forms embedded in messages or website, it is necessary to update all the links.
HIPAA compliant set up wizard is not coming up for me. Please help.
How would this migration affect preexisting forms? Would we have to fix anything within the older ones?
If I upgrade to HIPAA compliance, does it mean that every form woll be checked for HIPAA compliance. or I can choose which form will be checked for HIPAA compliance
I have updated my Silver membership to be HIPAA compliant. When will forms be active again on my website OmOmbre.com?