Adding HIPAA Compliance to your Web Forms in 10 minutes

April 21st, 2015

Forms are pervasive on websites; the number of forms associated with medical websites is growing exponentially as everyone is scrambling toward digital transformation. The goal of a paperless office seeks to optimize time spent processing applications and managing patient data, speeding up the process of making appointments and getting referrals, meeting meaningful use, etc.

Web forms used in the medical industry generally have to be HIPAA-compliant, however, as they almost always involve the input and transfer of ePHI in one way or another. That presents a problem as the requirements for a HIPAA-compliant website are complex and take knowledgeable and experienced developers to implement and take extra time and money to get right — and you have to get things right where HIPAA is concerned.

So, this is where most people are:

  1. They have a website, which itself is likely not HIPAA-compliant yet
  2. They have some web forms already or maybe have some forms that they want to put up
  3. These forms will collect ePHI
  4. They need to set this up and have it be HIPAA-compliant and don’t want to spend a lot of money or time getting it going.

What they need is “HIPAA Form Processing.”

Take any new or existing form anywhere on the web and “plug” it into a HIPAA-compliant form data processing backend system.

  1. Make the form
  2. Tell the system how you want to save and/or receive the posts
  3. Make a small change to your form
  4. Sit back and let your form work for you in a compliant way.

You don’t have to hire an expensive developer experienced in HIPAA, and you do not have to spend excessive time learning programs or scripts to handle your compliance needs. You do not even have to change where your website is hosted.

Secure Form for HIPAA Form Processing

LuxSci’s Secure Form service is a simple but powerful HIPAA form processing service. Add HIPAA compliance to your forms in just three steps:

  1. Sign up with LuxSci for Secure Form with HIPAA compliance: LuxSci signs a HIPAA Business Associate Agreement with you as Omnibus requires.
  2. Configure Secure Form: Set up your forms and decide how you want your data saved– e.g., sent in a secure email, saved in a database, uploaded to your secure FTP site, etc.
  3. Edit your form: Change one or a few lines in your web form code to connect your form to Secure Form so that we securely receive and process your form data.

That’s it — your form posting is compliant!

Some of the extras available with Secure Form

When your form is plugged into Secure Form for processing, you have several cool extras you can choose to use:

  1. Stop Spam – Eliminate spurious / unwanted form submissions. See: Web form spam – block spam without a captcha code
  2. Get Signatures — Have your visitors sign their names to the forms and capture these signatures for contractual, informed consent, or other reasons.
  3. Upload Files — Secure Form supports uploading files of all types from your forms.
  4. Get Notices — In addition to receiving your form data any way you need it, you can have text messages or emails sent to you whenever a form submission comes through.
  5. PDF Forms — Secure Form supports processing data from PDF forms and re-filling your web and PDF form submissions back into PDFs (or HTML templates) to make saving and processing these simpler for your staff.
  6. PDF Hosting – Host your PDF forms securely with LuxSci
  7. Form BuilderBuild and host your form pages securely on LuxSci, so you do not even need to have your SSL-protected website on which to host them.