Free tool

Is your form tool HIPAA compliant?

Six questions. Tool-agnostic. Find out if Google Forms, Jotform, Typeform, or Microsoft Forms is compliant for your setup — and what to fix if it is not.

Why this quiz exists

The same compliance gaps show up every week.

I get asked "is Google Forms HIPAA compliant?" and "is Jotform HIPAA compliant?" every week. The answer is always the same: it depends on your plan, your BAA, your integrations, and your access controls. The tool alone does not make you compliant. The setup does.

This quiz distills the questions I ask on every paid HIPAA audit engagement into six steps that anyone can answer in two minutes. The result tells you where you stand and links each gap to the specific guide that fixes it.

If you are already on Jotform, the HIPAA workflow risk assessment goes deeper on Jotform-specific gaps (email senders, storage, access log review). This quiz covers any form tool and is the right starting point if you are comparing options or not sure where you stand.

Common questions

About this HIPAA compliance quiz.

What does this quiz check?
Six questions covering the most common HIPAA compliance gaps in form tool setups: which tool you use, whether your plan supports HIPAA, whether you have a signed BAA, where submission data flows, and who has access. Each gap returns a specific fix and a link to the relevant guide.
How is this different from the HIPAA workflow risk assessment?
The risk assessment is Jotform-specific: it checks your Jotform plan, integrations, email sender, and access logs. This quiz is tool-agnostic: it works whether you use Google Forms, Jotform, Typeform, Microsoft Forms, or something else. If you are already on Jotform, use the risk assessment. If you are comparing tools or not sure where you stand, use this quiz.
Is this a legal HIPAA audit?
No. This is a workflow-level compliance check, not legal counsel. It surfaces the technical and operational issues that account for most HIPAA failures. For a full legal compliance audit, consult a healthcare attorney.
Why do you ask about integrations?
Because every tool that touches PHI needs its own BAA. Slack, Google Sheets, CRM integrations, and email notifications are the most common places where HIPAA compliance breaks without anyone realizing. The quiz checks each one.
Will my answers be stored anywhere?
No. The quiz runs entirely in your browser. Nothing is sent to a server, nothing is logged, and no answers leave the page.
What if my result says not compliant?
The result page links each gap to a specific fix guide. Address the critical items first — they are the ones that would fail an audit on day one. If you want a Jotform HIPAA expert to close the gaps for you, there is a CTA to book a scoping call.

Get the HIPAA checklist, free.

A printable 12-item pre-launch checklist, plus new HIPAA notes and kits when I publish them.

Free HIPAA compliance checklist

A printable 12-item PDF covering BAAs, PHI in notifications, integration safety, and access review. Delivered to your inbox.

Loading…

The same compliance gaps show up every week.

About this HIPAA compliance quiz.

What does this quiz check?

Six questions covering the most common HIPAA compliance gaps in form tool setups: which tool you use, whether your plan supports HIPAA, whether you have a signed BAA, where submission data flows, and who has access. Each gap returns a specific fix and a link to the relevant guide.

How is this different from the HIPAA workflow risk assessment?

The risk assessment is Jotform-specific: it checks your Jotform plan, integrations, email sender, and access logs. This quiz is tool-agnostic: it works whether you use Google Forms, Jotform, Typeform, Microsoft Forms, or something else. If you are already on Jotform, use the risk assessment. If you are comparing tools or not sure where you stand, use this quiz.

Is this a legal HIPAA audit?

No. This is a workflow-level compliance check, not legal counsel. It surfaces the technical and operational issues that account for most HIPAA failures. For a full legal compliance audit, consult a healthcare attorney.

Why do you ask about integrations?

Because every tool that touches PHI needs its own BAA. Slack, Google Sheets, CRM integrations, and email notifications are the most common places where HIPAA compliance breaks without anyone realizing. The quiz checks each one.

Will my answers be stored anywhere?

No. The quiz runs entirely in your browser. Nothing is sent to a server, nothing is logged, and no answers leave the page.

What if my result says not compliant?

The result page links each gap to a specific fix guide. Address the critical items first — they are the ones that would fail an audit on day one. If you want a Jotform HIPAA expert to close the gaps for you, there is a CTA to book a scoping call.