Is Formstack HIPAA compliant?

Featured image

Share this article

Is Formstack HIPAA Compliant? - Paubox

Every organization, and certainly every business, needs a website. It’s a more complicated prospect for covered entities like healthcare providers, health plans, and healthcare clearinghouses, which will want to set up a HIPAA compliant website.

While some of the most popular website hosting companies are not HIPAA compliant, it’s possible to address HIPAA concerns by making sure your webhost doesn’t handle, process, or store protected health information (PHI).

For example, instead of accepting information from customers and clients through your website, you can use secure online forms provided by other companies like Formstack.

What is Formstack?

Founded in 2006, Formstack bills itself as a “no-code workplace productivity platform.”  The company’s mission is to provide “a better way” to capture data and automate repetitive work.

Today, the company has over 250 employees between offices in Colorado Springs and Indianapolis, and serves over 27,000 organizations, including Netflix, Twitter, and the National Hockey League.

The Formstack platform includes web forms, document management, digital signatures, and integrations with other popular business tools like Microsoft, Salesforce, HubSpot, PayPal and Stripe. The company’s signature offering is an easy-to-use online form builder with a drag-and-drop interface, conditional logic (providing different information or forms based on the information provided), accessible and mobile responsive designs, and analytics.

Formstack also says it uses “the highest levels of form security,” including 256-bit SSL, data encryption, PGP email encryption, password protection, and invisible reCAPTCHA.

Is Formstack HIPAA Compliant?

Formstack answers this question directly.

“Formstack offers an Enterprise level solution that is compliant with the Health Insurance Portability and Accountability Act of 1996 (HIPAA),” the company says. “Forms can collect Electronic Personal Health Information (ePHI) with HIPAA and HITECH compliant encryption technology.”

In addition to data encryption, the company has implemented access controls, auditing, and logging, and it is willing to sign a business associate agreement (BAA).

Its HIPAA compliant form offerings, first introduced in 2016, can also pass protected health data to HIPAA compliant tools from other vendors, including Salesforce, Dropbox, PayPal, Stripe, and Google Drive.

Formstack points out that it is only ensuring HIPAA compliance within the limited role it plays in your business, and that customers have to ensure that their entire system meets HIPAA security requirements. But to help customers understand the big picture, Formstack outlines Best Practices for Healthcare Forms.

In addition to HIPAA compliant forms, Formstack offers other HIPAA compliant solutions, including document management and electronic signature services.

Conclusion

As secure online form providers go, Formstack is emphatic about its “powerful HIPAA security features.”

If you want to easily collect and organize health information via a website or even a link in an email, Formstack is a solid choice.

The makers of Formstack are correct to point out that their services are only part of business processes that need to be secure from end to end. For example, if you will be exchanging email with your clients and patients, you’ll need to use HIPAA compliant email.

Try Paubox Email Suite for FREE today.
Author Photo

About the author

Ryan Ozawa

Read more by Ryan Ozawa

Get started with
end-to-end protection

Bolster your organization’s security with healthcare’s most trusted HIPAA compliant email solution

The #1-rated email encryption 
and security software on G2

G2 Badge: Email Encryption Leader Fall 2022
G2 Badge: Security Best Usability Fall 2022
G2 Badge: Encryption Momentum Leader Fall 2022
G2 Badge: Security Best Relationship Fall 2022
G2 Badge: Security Users Most Likely to Recommend Fall 2022
G2 Badge: Email Gateway Best Relationship Fall 2022
G2 Badge: Email Gateway Best Meets Requirements Fall 2022
G2 Badge - Users Most Likely to Recommend Summer 2022
G2 Badge: Email Gateway Best Results Fall 2022
G2 Badge: Email Gateway Best Usability Fall 2022
G2 Badge: Email Gateway Best Support Fall 2022
G2 Badge: Email Gateway Easiest To Use Fall 2022
G2 Badge: Email Gateway Easiest Setup Fall 2022
G2 Badge: Email Gateway Easiest Admin Fall 2022
G2 Badge: Email Gateway Easiest to do Business with Fall 2022
G2 Badge: Email Gateway Highest User Adoption 2022
G2 Badge: Email Gateway High Performer Fall 2022
G2 Badge: Email Gateway Momentum Leader Fall 2022
G2 Badge: Email Gateway Most Implementable Fall 2022
G2 Badge: Email Gateway Users Most Likely to Recommend Fall 2022