" secure form Archives - LuxSci FYI Blog: Learn about HIPAA email encryption, secure email encryption, and more
LUXSCI

Posts Tagged ‘secure form’

What to Look for in a HIPAA-Compliant Online Form Builder

Tuesday, October 9th, 2018

As a healthcare provider, or for that matter any entity that works with healthcare clients, you are probably already aware of the fact that you cannot use traditional web forms to accept PHI (Protected Health Information). That would be a gross violation of the HIPAA regulations and can get you into a lot of trouble. For instance, you might have to pay a hefty fine.

Now, many organizations make use of online form builders to capture client or patient information. There is a reason for it – the forms make it much easier to collect patient information and also manage the clients themselves.  They automate workflows and reduce paperwork.  They save time.

But, when it comes to healthcare information, there are obvious risks that come into play. HIPAA regulations exist to minimize those risks by protecting patient data. But, how can organizations ensure that the data captured by such forms are protected?

HIPAA compliant online form builder

Well, the answer is to create forms that are compliant with HIPAA standards. In this blog, we are going to list out the key features that need to be included in a HIPAA-compliant online form.

Business Associate Agreement

First and foremost, a HIPAA-compliant form obtained through a third-party service must come with a BAA (Business Associate Agreement) from that third party. As you might know, a BAA is basically a hybrid agreement, in that, it is both, contractual and regulatory in nature. Essentially, the agreement satisfies all regulations under HIPAA and also establishes expectations and liability between the parties.

Read the rest of this post »

Online Form Design Best Practices

Tuesday, October 2nd, 2018

Most businesses and organizations today use online forms to collect customer information. The same applies to healthcare companies. But, healthcare companies need to abide by stringent regulations concerning PHI or Protected Health Information under HIPAA.

So, it is of the utmost importance for such organizations to follow certain best practices when designing these forms. Let’s take a look at a few of them.

Security

First and foremost, the data that is filled into the form must be secured when being transmitted, processed and stored. One way to do that is via encryption. Encryption secures form data by making it unreadable to those who do not have the access. This typically includes the browser and server.

SSL is one of the encryption options you can consider. It stands for Secure Sockets Layer and it’s basically a type of security protocol that secures the connection between sender and receiver. So, when data is transmitted, only the sender and receiver will have access to it. No third party can intercept and retrieve the data.

So, SSL encryption allows you to secure the submitted data during transmission.

online form design

You can make the data even more secure by adding an authentication layer. What that means is that only people who are authorized to view the data will be able to do so. This can go a long way in preventing unauthorized access.

Protect Yourself from Bots

Bots are automated programs that go poking around the Internet, looking for information, looking for system vulnerabilities, and looking for ways to send spam, among other things.  It is extremely common for such bots to automatically fill out and submit online forms … often with garbage or with spam.

Read the rest of this post »

LuxSci’s 2016 Advancements – The Year in Review

Saturday, December 31st, 2016

LuxSci has been really busy in 2016!  Besides migrating customers from McAfee due to the “end of life” of their filtering and archival services, keeping up with the changing security landscape, and replacing our Enterprise Server Environment with a newer, faster, more scalable, and more secure private cloud, LuxSci has been hard at work adding new features and extending existing services in the directions most requested by our customers.  Here are some of the highlights.

Read the rest of this post »

Private Labeling SecureForm

Monday, February 10th, 2014

LuxSci’s SecureForm service enables you to quickly make your web site or PDF forms secure and HIPAA compliant. Receive the form data, including uploaded files, via secure email or download the data securely from LuxSci’s web interface.  It also supports insecure form posts and delivery, making the usual form-to-email process easy to setup and protected from form Spam.

Typically, when using SecureForm, your web or PDF form will post to a secure web site address (URL) that is provided by LuxSci in the LuxSci.com domain name.  I.e. something like “https://secureform.luxsci.com/…”.  Once the form data is processed, the end user is redirected to a success or failure web page on your site (for web forms), or is shown a success or failure PDF that you provide (for PDF forms).  I.e. under most conditions, the end user will never see the domain name to which the form is posted.

For resellers or businesses who wish to use their own web site address in their forms so as to brand the secure form posts and hide the fact that LuxSci is the back end, perhaps something like “https://forms.yourdomain.com/…”, LuxSci has an easy solution: Private Labeling.

Read the rest of this post »

SecureForm Form to Email Service — Now Supports Dynamic Email Subjects

Wednesday, August 4th, 2010

LuxSci SecureForm is an easy way to add or enhance security and/or functionality to web and PDF forms you use to collect important information. Receive the form data via insecure or secure email in a broad range of formats, and/or save it to a LuxSci Documents WebAide (encryption optional) for future online access.

With the new “Dynamic Subject” feature of SecureForm, you can now auto-substitute the posted form content from one or more of your form fields into the subject line of the form-data-laden email messages that you receive from SecureForm.*

For example, instead of receiving a message with a generic subject like “Form post from your contact information form”, it could now be dynamic.  You could enter the subject with a place holder, i.e. “Contact information form post from {{contact_name}}”.  The data posted in the form field named “contact_name” would be substituted and you would get an email that with a subject line of “Contact information form post from John Smith”.

You can have multiple place holders in your subject lines.

For an overview of SecureForm, see our SecureForm video.

* Note that the Dynamic Subject feature of SecureForm is not available to HIPAA accounts for compliance reasons.

LUXSCI