Adding HIPAA-Compliance to your Web Forms in 10 minutes

Published: April 21st, 2015

Forms are pervasive on web sites; the number of forms associated with medical web sites is growing exponentially as everyone is scrambling towards the goal of a paperless office, seeking to optimize time spent processing applications and managing patient data, speeding up the process of making appointments and getting referrals, meeting meaningful use, etc.

Web forms used in the medical industry generally have to be HIPAA-compliant, however, as they almost always involve the input and transfer of ePHI in one way or another.  That presents a problem as the requirements for a HIPAA-compliant web site are complex and take knowledgeable and experienced developers to implement and take extra time and money to get right — and you really have to get things right where HIPAA is concerned.

So, this is where most people are:

  1. They have a web site, which itself is likely not HIPAA compliant yet
  2. The have some web forms already … or maybe have some forms that they want to put up
  3. These forms will collect ePHI
  4. They need to set this up and have it be HIPAA compliant and don’t want to spend a lot of money or time getting it going.

What they need is “HIPAA Form Processing“. 

Take any new or existing form anywhere on the web and “plug” it into a HIPAA-compliant form data processing back end system.

  1. You make the form
  2. You tell the system how you want to save and/or receive the posts
  3. You make a small change to your form
  4. You sit back and let your form work for you in a compliant way.

You don’t have to hire an expensive developer experienced in HIPAA and you do not have to spend excessive time learning programs or scripts to handle your compliance needs. You do not even have to change where your web site is hosted.

SecureForm for HIPAA Form Processing

LuxSci’s SecureForm service is a simple but powerful HIPAA Form Processing service.

  1. Sign up with Luxsci for SecureForm with HIPAA compliance.  LuxSci signs a HIPAA Business Associate Agreement with you as required by Omnibus.
  2. Configure SecureForm — letting it know about your forms and how your want your data — e.g. secure email, saved in a database, uploaded to your secure FTP site, etc.
  3. Edit your form — change one or a few lines in your web form code to connect your form to SecureForm so that we securely receive and process your form data.

That’s it — your form posting is compliant!

Some of the extras available with SecureForm

When your form is plugged into SecureForm for processing, you have a number of cool extras you can choose to use:

  1. Stop Spam – Eliminate spurious / unwanted form submissions. See: Web form spam – block spam without a captcha code
  2. Get Signatures — Have your visitors sign their names to the forms and capture these signatures for contractual, informed consent, or other reasons.
  3. Upload Files — SecureForm supports uploading files of all types from your forms.
  4. Get Notices — In addition to receiving your form data any way you need it, you can have text messages or emails sent to you whenever a form submission comes through.
  5. PDF Forms — SecureForm supports processing data from PDF forms as well as re-filling your web and PDF form submissions back into PDFs (or HTML templates) to make saving and processing these simpler for your staff.
  6. PDF Hosting – Host your PDF forms securely with LuxSci
  7. Form BuilderBuild and host your form pages securely on LuxSci … so you do not even need to have your own SSL-protected web site on which to host them.

Watch the SecureForm Video Overview.

Leave a Comment


You must be connected or logged in to post a comment. This is to reduce spam comments.

If you have not previously commented, you can connect using existing social media account, or register with a new username and password.