Formstack offers an Enterprise level solution that is compliant with the Health Insurance Portability and Accountability Act of 1996 (HIPAA). Forms can collect Electronic Personal Health Information (ePHI) with HIPAA and HITECH compliant encryption technology. Mandatory security measures for Formstack HIPAA compliance include data encryption, access controls, auditing, and logging.
Additionally, we offer a few integrations that comply with the Health Insurance Portability and Accountability Act of 1996 (HIPAA). This will allow you to pass ePHI data securely through the integration. Formstack is one piece of your process that is HIPAA & HITECH compliant and we are not liable for ensuring that your entire process is meeting HIPAA security requirements. However, we are responsible for ensuring that when your data is within Formstack, it is in fact encrypted at rest and encrypted when passed to any given integration.
Our current HIPAA Integration:
- Formstack Documents (formerly WebMerge)
- Paypal (but not PayPal Pro)
- Salesforce Marketing Cloud
- Google Calendar
- Google Contacts
- Google Drive
- Google Sheets
We will be adding additional HIPAA version of our Integrations in the future.