If your form is setup as a web page on your site or created using FormBuilder:
Note that this process is always the same regardless of where your web site is hosted. Also, unless your web form is misconfigured, the visitor will never be redirected from your web site and will always see your URLs in the address bar. With web site forms, the submission process to LuxSci's servers is always fully transparent to the user.
If your form is in a PDF, the process is similar:
Where would you like your data to be saved or sent?
|Database. Instead of a file, have your data uploaded directly to a MySQL database. Access that data online through our reporting tools.|
|Document Storage. Store your file in LuxSci Documents, part of our WebAides collaboration suite.|
|Email. Send the form data and files to you via regular or secure email. Send to any email address/multiple email addresses.|
|FTP/SFTP Server. Have your data uploaded to any web server via FTP or SFTP.|
|Notice. Send a simple post notification via Email, SMS/text message, SecureChat.|
|SecureChat/Mediprocity. Send the form data and files directly to your mobile device or desktop using our real-time SecureChat service.|
|Dropbox. Send form data and files to your Dropbox account.|
|Slack. Send a custom data-laden message to any Slack channel.|
|Webhook. Send a to any third-party service that supports inbound JSON or URL-encoded Webhooks.|
What formats would you like your saved/sent data in? Some Integrations (e.g. WebHook) come with their own special data format customization options.
|Plain text. Receive your data as a raw text file.|
|Tabular HTML. A nicely formatted, two-column HTML view of the form fields and data.|
|XML Simple, automatically-created XML document.|
|PDF. Receive your data as a complete FDF or PDF file, or as a refilled PDF template file.|
|Text/HTML Template. Receive your data as a refilled template file in text, HTML, XML, or any other text-based file format.|
|CSV. Receive your data as a CSV (Comma Separated Values) file to be viewed in programs such as Microsoft Excel.|
For custom solutions, multiple servers, dedicated hardware and disaster recovery options, contact sales.
SecureForm services can also be an upgrade/add-on for customers with existing Secure Email or Secure Hosting accounts.
|Feature||Shared Business||Shared Enterprise||Dedicated Business||Dedicated Enterprise|
HIPAA Compliance Available?
HIPAA compliance is available for all SecureForm accounts except the 3-form shared options.
PDFs are hosted in Amazon AWS and are made available through Amazon CloudFront.
PDF & HTML Templates
Secure Email via SecureLine
|USA||Texas, USA||USA or Custom||Texas, USA|
LuxSci's services are provided on servers located in USA-based data centers (RackSpace or Amazon).
*Business Class dedicated servers can be provisioned in RackSpace and Amazon data centers around the world if requested by the customer. There may be an additional setup fee for a non-standard location.
Enterprise class servers and Business Class servers at RackSpace enjoy software firewalls and redundant HA hardware firewalls.
Business Class servers at Amazon enjoy software firewalls and AWS Security Group logical network firewalls.
Standard backups of your server data are included. These include 7 daily on-site backups and 4 weekly off-site backups.
Full Disk Encryption
*Business Class dedicated servers from RackSpace, used for large-scale emailing only have full disk encryption if requested by the customer. This will require ordering a separate disk.
Dedicated SecureForm Processing?
Dedicated SecureForm Processing requires a dedicated server with Private Labeling.
When ordering shared SecureForm services, SecureForms are processed through a shared Enterprise Class cluster and your data is saved on a shared Business Class or Enterprise Class server.
Dedicated solutions are ideal for isolating both your data and the processing of your data from everyone else. Dedicated SecureForm Processing servers require servers with a minimum of 2 CPU cores and 4 GB of memory.
Custom Backup/Retention Schedules?
Dedicated server customers can choose custom backup frequencies and retention schedules; this may come with an additional cost. Contact sales for more information.
|Single server||Redundant Cluster||Single Server||Redundant Cluster|
Business Class servers are single virtual servers running in the RackSpace or Amazon Public cloud. Enterprise Class servers are VMWare virtual servers running on a redundant cluster of servers in LuxSci's Private Cloud at RackSpace.
Account Isolation: No other LuxSci customers have access to your server. No shared servers.
In a shared solution, many 100s or 1000s of separate customers share the same server. Security replies on logical and software partitioning of access and resources. Shared solutions are inherently less secure, have less consistent performance, but are less expensive. Dedicated servers are recommended for when security and consistent performance are important.
Ultra-reliable: proof against hardware failure
Enterprise Class servers are virtual machines that run on a redundant VMWare cluster. If one of the underlying hypervisors should have a hardware issue, all servers running on it are immediately rebooted on another hypervisor, limiting potential downtime to seconds.
Choose Enterprise Class when server uptime is a very high priority.
Server Isolation: All servers running on the same hardware belong to LuxSci. No public cloud servers.
In the Business Class environment, your server is in a Public Cloud. This means that other servers running on the same underlying hardware (hypervisor) may be owned by organizations unrelated to LuxSci. This provides some security risk compared to use of LuxSci's Private Cloud Enterprise Class environment, where LuxSci owns the underlying hardware and is in control of all servers running on it. Additionally, the Business Class environment may have less consistent performance due to the possibility of "noisy neighbor" servers outside of LuxSci's control.
Privte Label Branding
Private Label branding is optional on shared accounts. It starts at $25/mo. Private Label branding is required for dedicated SecureForm processing servers and is thus included in the "Starting Price" listed below.
Maximum Post Size:
|50 MB||50 MB||50+ MB||50+ MB|
On dedicated SecureForm processing servers, we can customize your maximum form post size limit.
Starting Price: 3 forms & 1K posts/day
Starting Price: 25 forms & 5K posts/day
Starting Price: 100 forms & 10K posts/day
Starting Price: Custom limits
Yes. SecureForm integrates with any web or PDF form hosted anywhere. A few minutes is all that it takes to update an existing form to send its data to SecureForm for processing and delivery or storage.
No. You can keep your web site where it is and either integrate its existing forms with SecureForm, or link your site to forms saved in SecureForm FormBuilder.
SecureForm will transmit or save your form data in any combination of formats: plain text, two-column HTML, CSV (Excel), XML, refilled custom templates (HTML, XML, or other), and re-filled PDF templates (even with the data from web form submissions).
SecureForm can transmit or save your form data to many different locations (Integrations). See: "How SecureForm Works".
We do not make your forms. You or your web designer can modify your existing forms, make new forms hosted elsewhere, or use SecureForm visual form builder to make and host new forms. We do provide custom consulting services for form design. This is $250/hour.
You don't need programming skills when using the SecureForm visual form builder or PDF forms. When designing or updating your existing/external web forms, you or your web designer will have to edit a couple of lines of HTML code to direct the form submissions to SecureForm; if a content management system such as Gravity Forms for Wordpress generates or dynamically manages your forms, then you may need a little coding to integrate SecureForm.
Pricing is based on the number of forms and number of submissions per day. See the Compare Plans. The tiers are:
For larger limits, please contact sales.
When using SecureForm, data transmits from the end-user's browser (or PDF) to LuxSci, encrypted using strong TLS ciphers. Once it arrives, what happens next depends on the integrations you configure; the security of the results is then, to a certain degree, your choice. For example:
You do not need your own TLS certificate to use SecureForm; however, if you are hosting your forms on your own website, we do recommend that you secure that site with TLS to protect your form pages themselves from alteration/hacking before getting to your end users.
SecureForm includes detailed reports of all successful form posts, and of many kinds of post failures (including emailed alerts of important types of failures). If saving your data to a hosted database, SecureForm provides an audit trail of views and deletions (if such are permitted) of all rows of posted data accessed via our API or or Web-based Form Database viewer.
Yes. Users of your web-based forms can sign a written signature using their mouse, stylus, or finger, and it's possible to capture and deliver that signature along with your form post. The post can even auto-append to refilled PDF templates or inserted inline in refilled HTML templates. See Ink Signatures.
Yes. SecureForm has an API that allows listing, downloading, and optional deletion of SecureForm data stored to a hosted database.
When operating your website or database, you need to ensure that all sensitive client or patient information is secure and protected from unapproved eyes. This means using secure web forms. Unsecured forms and legal documents can provide easy access for hackers to infiltrate and collect confidential information, which is why LuxSci developed a secure web form solution. LuxSci's SecureForm processing allows you to add and store HIPAA- (Health Insurance Portability and Accountability Act) compliant patient forms, tax documents, legal forms, etc., in order to ensure your online services stay protected and legal.
SecureForm seamlessly integrates with any of your company's current web or PDF forms. SecureForm is compatible with any CMS (including WordPress), as well as custom-coded pages made using PHP, .NET, and any other language. You can save your data in multiple formats: plain text, two-column html, CSV (Excel), XML, refilled custom templates (HTML, XML, or other), and refilled PDF templates (even with data from Web forms). Our SecureForm FormBuilder allows you to use our web interface to configure and customize your own forms without any coding knowledge. SecureForm ensures that your data remains protected during transmission, using TLS encryption, and at rest, using PGP and/or AES encryption. Note: if you are a LuxSci HIPAA customer, SecureForm automatically configures for your compliance.
One of our exciting HIPAA-compliant SecureForm features is Ink Signatures. LuxSci's Ink Signatures are simple web-based agreement boxes that allow you to easily capture the authentic handwritten signatures of anyone filling out a SecureForm-enabled web form. There's no special software or technical knowledge required; you can sign with a mouse, a stylus, or a touchscreen. This user-friendly feature provides an easy way to establish signed agreements and is much easier to implement than standard digital signatures.
Book 2 in the LuxSci Internet Security Series.
Created by Erik Kangas, PhDGet the HIPAA eBook