How to Enable HIPAA Compliance?

Last Update: 

Jotform HIPAA accounts are served from an isolated HIPAA system. In that system, we are taking additional measures in addition to our normal practices to avoid even unintentional data breaches. When you enable HIPAA compliance features, all your data is migrated to the isolated HIPAA system which supports HIPAA guidelines.

You may create a new account or enable HIPAA compliance features from your existing Jotform account. Our upgrade wizard will help you with both cases, and in this guide, we will explain those steps.

The upgrade wizard can be initiated from your account’s Data page.


After clicking the Enable HIPAA Compliance button, the setup wizard will go through the following:

Enable HIPAA Compliance features

The upgrade wizard will first check your subscription type. We are offering HIPAA compliance features only for Gold subscriptions. You will see the following message if you don’t have a Gold subscription.


Verify Your Email Address

The upgrade wizard will check if you have verified your email address. If you have not already verified your email address, you will see the following message:


Set a Strong Password

HIPAA Compliance requires the use of strong passwords. The upgrade wizard will ask you to define a new password if you have a weak one, which will be your new password to log in to your HIPAA account.

The new password has to follow the HIPAA guidelines where your password must be different from your last 6 passwords and contain at least:

  • 1 lowercase letter
  • 1 uppercase letter
  • 1 number
  • 1 special character
  • 8 characters

The setup wizard will ask for your consent to move your data to our HIPAA server, which provides high-level security.

Tick on the “I understand and agree” checkbox and the Next button.


Form Review

In this step, the upgrade wizard will review all your forms for HIPAA compliance. To avoid any HIPAA compliance issues, Jotform will only allow widgets and integrations that help with HIPAA compliance in your forms. If the wizard detects any elements in your forms that are not suitable for HIPAA compliance, it will list them.

The setup wizard will show the following message if no issues are found.


Click the Next button to sign the Business Associate Agreement.

Sign a Business Associate Agreement (BAA)

Before the final migration process, you will be asked to sign Jotform’s Business Associate Agreement (BAA). Provide the required information and click Submit. BAA will be generated automatically with the information you have provided and will be sent to you via email once the HIPAA enabling operation is completed on your account.


Form Migration

The setup wizard will show a message that your forms and submissions are ready for migration.


Click the Start Migration button to proceed. This will trigger the automated migration process for your forms. Once the migration is completed, you will see the following screen showing the migration result.


You will also receive an email notifying you about the result of the migration. Jotform’s signed Business Associate Agreement (BAA) will also be attached to this email.


Congratulations! Your account, forms, and data are now enabled for HIPAA Compliance. The HIPAA Compliance badge is automatically added to your account and forms.

See also: How to Make Sure Your Forms Are Suitable for HIPAA Compliance.

Was this guide helpful?
Contact Support:

Our customer support team is available 24/7 and our average response time is between one to two hours.
Our team can be contacted via:

Support Forum:

Contact Jotform Support:

Send Comment:

Jotform Avatar
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.


  • Jutta Ulrich - Profile picture
  • Jean Metivier - Profile picture
  • DiverseAbility - Profile picture
  • Dwi Edhityasrini Pratikto - Profile picture
  • Tiffany Michelle Holm - Profile picture