JotForm User Guide / JotForm Enterprise /

ENTERPRISE: Regular Server vs. HIPAA Compliant Server

ENTERPRISE: Regular Server vs. HIPAA Compliant Server

On the move to HIPAA, here are some potential pitfalls that you need to be aware of

   Approval Workflows,
   What Else?


Data is encrypted at rest by default at an Enterprise Server (good for PII):

Enterprise solution is completely isolated from JotForm environment, so nothing is shared with other users.

All data (user's forms/submissions etc.) is automatically encrypted at rest while being written to the physical disks.

Each encryption key is also encrypted with master keys managed by Google Cloud Platform (our hosting partner).

Encryption at rest database, available on HIPAA, is one level above that (required for PHI):

Our servers get the raw data, and while writing it to the database, we encrypt it with AES256 (every individual submission has a unique key) and every individual AES265 key is also encrypted with user's public key (RSA2048). Keys are seamless to users and completely managed by JotForm. 

In short, the regular enterprise setup provides disk encryption, whereas HIPAA adds database encryption over it.


Compared to the 100+ available integrations for non-HIPAA servers the number of available integrations goes down significantly to a handful:

HIPAA Integrations


What this means is any existing integration you might have that is not on this list will be disabled. Note that this is not a JotForm limitation, but a HIPAA requirement which mandates end-to-end HIPAA compliance (traceability of each access to PHI to a known, unique individual).

And even with these available integrations, it is your legal responsibility to maintain HIPAA compliance. If you have integrated your form submission data with a Google spreadsheet for instance, and then made that Sheet available openly to the internet, obviously that would not be a HIPAA-compliant integration.

Approval Workflows

As mentioned above, HIPAA regulations dictate that every single access to PHI (Protected Health Information) needs to be traceable to a unique individual with their own identifiable login credentials. This may or may not impact your workflows. For instance, the methods based on accessing data without a user account (forwarding an 'edit submission' link via email) may not work anymore. 
Likewise, if you ever build workflows where you have approvers, those approvers will need to have user accounts of their own in order to approve/deny a submission by editing it in a system directly (submissions page). Editing submissions is only available to a form owner or another user who is granted access to form submissions, any kind of editing action is only possible within our system. 


One of the insecure channels of sharing PHI data is emails. In HIPAA Compliant accounts, you can still use Notification and AutoResponder emails keeping in mind that it is your legal responsibility on using them in a HIPAA compliant way. 
At JotForm it is possible to select which form fields are collecting PHI data and mark those fields as 'Protected'. Information collected with 'Protected' fields will be hidden in emails.
For more information on how to use PHI fields on forms, please refer to this help article: 
A good example of keeping PHI data protected in emails is  provided below:
HIPAA emails

What Else?

Other important limitations that should be mentioned are:

- file uploads collected with any HIPAA account can not be available without login, so if you are expecting to download files via emailed files links, please make sure to login to your HIPAA account; 

- transferring ownership of a form containing submission data from one server user to another is not possible; 

- HIPAA forms can not be cloned by a user on their own, but this can be requested and performed under control of our developers.

Contact Support:
Our customer support team is available 24/7 and our average response time is between one to two hours.
Our team can be contacted via:
Contact JotForm Support:

Send Comment

1 Comment...

  • jhcain

    What is a NULL widget on a form?