Secure Web Forms for Healthcare

Healthcare organizations that want to use web forms to collect information online must adopt security measures that protect sensitive data and meet compliance requirements. Unsecured web forms can provide easy access for hackers to infiltrate and collect confidential information. LuxSci developed HIPAA-compliant Secure Forms to permit the safe collection of patient data online. Using Secure Forms allows organizations the flexibility to safely move workflows online.

Secure Form Features

Secure Form seamlessly integrates with current web or PDF forms. Secure Form is compatible with any CMS (including WordPress), as well as custom-coded pages made using HTML, PHP, JAVA, and any other language. Data can be saved in multiple formats: plain text, two-column html, CSV (Excel), XML, refilled custom templates (HTML, XML, or other), and refilled PDF templates (even with data from Web forms).

LuxSci also offers Ink Signatures for forms. These capture the authentic handwritten signatures of anyone filling out a Secure Form-enabled web form. There's no special software or technical knowledge required. Anyone can sign with a mouse, a stylus, or a touchscreen. This user-friendly feature provides an easy way to add legally binding signatures to forms and are much easier to implement than other digital signature technologies.

The Secure Form FormBuilder is a web interface that allows individuals to configure and customize forms without coding knowledge. Secure Form protects data during transmission, using TLS encryption, and at rest, using PGP and/or AES encryption.

Show Features

Secure Form FAQ: What You Need to Know

Yes. Secure Form integrates with any web or PDF form hosted anywhere. A few minutes is all that it takes to update an existing form to send its data to Secure Form for processing and delivery or storage.

No. You can keep your web site where it is and either integrate its existing forms with Secure Form, or link your site to forms saved in Secure Form FormBuilder.

Secure Form will transmit or save your form data in any combination of formats: plain text, two-column HTML, CSV (Excel), XML, refilled custom templates (HTML, XML, or other), and re-filled PDF templates (even with the data from web form submissions).

Secure Form can transmit or save your form data to many different locations (Integrations). See: How Secure Form Works.

Yes. HIPAA customers get a trustmark that looks like this:

LuxSci helps ensure HIPAA-compliance for email and web services.

We do not make your forms. You or your web designer can modify your existing forms, make new forms hosted elsewhere, or use Secure Form visual form builder to make and host new forms.

We do not manage or migrate your forms. You or your web designer can migrate your existing forms, make new forms hosted elsewhere, or use Secure Form visual form builder to make and host new forms.

You don't need programming skills when using the Secure Form visual form builder or PDF forms. When designing or updating your existing/external web forms, you or your web designer will have to edit a couple of lines of HTML code to direct the form submissions to Secure Form; if a content management system such as Gravity Forms for Wordpress generates or dynamically manages your forms, then you may need a little coding to integrate Secure Form.

Pricing is based on the number of forms and number of submissions per day. See the Compare Plans. The tiers are:

  • Starter: Up to 3 forms and up to 1,000 posts/day
  • Professional: Up to 25 forms and up to 5,000 posts/day
  • Enterprise: Up to 100 forms and up to 10,000 posts/day

For larger limits, please contact sales.

When using Secure Form, data transmits from the end-user's browser (or PDF) to LuxSci, encrypted using strong TLS ciphers. Once it arrives, what happens next depends on the integrations you configure; the security of the results is then, to a certain degree, your choice. For example:

  • Encrypted Email: The data can be sent encrypted using PGP, S/MIME, Forced TLS, or via Escrow secure Web pickup.
  • Secure FTP: You can upload data and files to your server using Secure FTP and a strong cipher like AES 256. Once the files are there, their security is up to you.
  • MySQL Database: You can save your form data to a database and you have the option of having all files and data encrypted at rest with native AES encryption.
  • WebAide File Storage: You can save your form data to our WebAide Documents collaborative online file storage system. You can choose to have this data be automatically and seamlessly PGP-encrypted.
  • WebHook Integrations: Data can be translated securely (over TLS) to external services using WebHooks.

You do not need your own TLS certificate to use Secure Form; however, if you are hosting your forms on your own website, we do recommend that you secure that site with TLS to protect your form pages themselves from alteration/hacking before getting to your end users.

Secure Form includes detailed reports of all successful form posts, and of many kinds of post failures (including emailed alerts of important types of failures). If saving your data to a hosted database, Secure Form provides an audit trail of views and deletions (if such are permitted) of all rows of posted data accessed via our API or or Web-based Form Database viewer.

Yes. Secure Form has an API that allows listing, downloading, and optional deletion of Secure Form data saved to a hosted database. See: LuxSci's API.

Yes. You can order Private Labeling and then customize all URLs so that LuxSci's domain names are not visible anywhere. You will also need to buy your own TLS certificate or purchase one from LuxSci.

Other questions? Call Sales

eBook: HIPAA-compliant Forms

A technical guide to securing web forms

Book 5 in the LuxSci Internet Security Series.

Created by Erik Kangas, PhD

Get the HIPAA eBook

find out why healthcare organizations trust LuxSci with their patient data