Skip to main content
Contact Support

Maintaining HIPAA Compliance with Formstack

Ryan J.

Formstack offers a solution that supports an organization's HIPAA compliance goals with robust security features. Formstack facilitates compliance through these features. The Formstack solution can collect Electronic Personal Health Information (ePHI) employing encryption technology that aligns with the security considerations of HIPAA and HITECH. These mandatory security measures include data encryption, access controls, auditing, and logging to safeguard your data.

 

Achieving HIPAA & HITECH Compliance is fundamentally about ensuring the security of data, including encryption of data at rest and controlling access to ePHI. This security protocol applies to the entire data lifecycle, including when data is transferred between software applications. While Formstack's features are designed to comply with these security requirements, it is crucial to recognize that Formstack is one component in your broader compliance ecosystem. We are committed to ensuring that data within Formstack is encrypted at rest. However, the responsibility for maintaining HIPAA compliance throughout your entire process, including with any integrations, rests with your organization.

 

Feature Category

Feature Details

Benefits

Integrations
  • Stripe
  • PayPal
  • Dropbox
  • Box.net
  • Salesforce
  • Google Suite
  • Amazon S3
  • Secure data exchange
  • Enhanced privacy

Email & SMTP
  • Mandatory SMTP for form data
  • Restrict email recipients
  • Customizable email messages
  • Secure communication
  • Control over data distribution

API & Data Handling
  • Restrictions on submit actions and webhooks
  • No attachments in submissions
  • Reduced data exposure
  • Enhanced data security

Security Measures
  • SAML Authentication without logging
  • Controlled access to submission sharing and credentials
  • Privacy-focused authentication
  • Safeguarded sensitive information

Document Security
  • Special protocols for handling error emails and attachments
  • Prevent unintentional data breaches

Support for Compliance
  • Tools and features designed to support compliance efforts
  • Peace of mind in meeting regulatory standards

Business Associate Agreement (BAA)
  • Commitment to sign a Business Associate Agreement with each customer
  • Demonstrates a serious commitment to upholding data protection and compliance standards

 

To learn more about HIPAA and how you can activate one of Formstacks for Healthcare plans for your organization, please contact the Formstack Support Team and for more information on Formstack's security you can visit our Data Security page

Related articles