I was curious what others have done to ensure HIPAA Compliance with form submissions on Webflow for healthcare providers.
We are building websites for Dentists and I have seen others using Webflow’s platform/hosting utilize the native form widget for dentists’ websites but I am worried about the HIPAA implications.
Some say that if you are only capturing new leads you are not legally required to follow HIPAA regulations. Others say to use 3rd party forms that HTML embed into the site to remain compliant.
I would normally lean towards being more cautious but the 3rd party integrations frankly are awful for our use case. It has become increasingly difficult to track form submissions as conversions with our google ads and other “source/medium” tracking due to the HIPAA restrictions that 3rd party integrations present.
Does Webflow offer HIPAA compliance at the enterprise level, what are some workaround that you all have found?
Hey there! I went with Jotform for a while but realized that with iFrames you can’t easily pass events and analytics data so we had to host the websites ourselves on a HIPAA complaint server. Hope this helps!
any updates or clarification on a hipaa compliant solution for forms? would be amazing if the webflow forms themselves were good enough, seems like a fairly simple thing.
Yes, use a third party form processor that offers HIPAA compliance and embed the form directly where needed and avoid Webflow’s backend form processing. Or link out to a form published on a service of your choice. You need to leverage custom code in Webflow when embedding.
I know the services below have achieved HIPAA compliance and offer it based on my previous research.
JotForm
Cognito Forms
FormHippo
FormStack
I am sure there are others, feel free to do your own research.