Our Commitment to Security

Form Security

At Smiley Forms, we recognize your need to collect data from individuals and to store it using secure, Industry-standard methods.  To protect both the site and sensitive data, our site uses current Internet security protocols such as SSL Architecture and SSL Certification built in with the expectation of having a secure framework and protocol implementation.  While site breeches cannot be guaranteed (this is the case for all secure sites on the Internet), our protocols minimize risk from attacks.

The above elements provide for encrypted transmission of data from your form to a password-protected hosting server where data may be accessed using an account holder’s login credentials.  To increase security, we encourage account holders to keep their login credentials secret and to change their passwords often.

HIPAA Compliance and Our Forms

We often receive questions from customers in the medical and dental fields asking whether our forms are HIPAA compliant. While our forms are secure, we do not advertise them as HIPAA-compliant.

Here’s why:

True HIPAA compliance requires not just technical conditions to be in place such as an encrypted means to pass and store data; but also procedural conditions that are controlled by the “covered entity” (which is usually what a medical or dental practice would be). For example, a practice that does not secure workstations, properly control facility access or train employees on HIPAA practices would not be in compliance – even if the technical conditions were in place to make that possible.

As HIPAA Compliance is an “all or nothing” proposition, even if we offered technical solutions to support the requirements above, non-compliance at the practice level, could render those solutions ineffective, and potentially put our customers and their patients at risk.

We believe that you ultimately know best what your individual security needs are. If you have questions about our secure forms, please don’t hesitate to contact us.