Once your form is created click on the "Selected Forms" tab.


If a form has all of the required fields then you will have the option to select it by checking the box at the left of the form. If the form does NOT have all of the required fields a warning icon will show next to the form. Clicking on the warning/toggle icon will display what fields are missing. Clicking the toggle icon will show all of the forms fields and slugs/classes.


Once you have checked the box next to a form it should now be HIPAA Compliant, it's really as simple as that.


By toggling the form by clicking the triangle icon on the left you can set if you want the "drag 'n draw" signature to be added to the form, set what should happen once a form is submitted such as display a message on the form or redirect to another page and set who can view the submitted forms with the hipaa user role such as "all users", "only specific users" or "selected users only" which allows you to list specific users in a drop down field that a patient can select when filling out the form.


You can also choose whether to use the default notification email settings set under settings->notifications or use a custom notification email message for this specific form. If you click on the "custom" option the notification options will be displayed and your notification emails for this specific form will use this custom message and settings instead of the default settings.


To verify the form is now compliant go to where the form is rendered on the page and you should now see an additional section at the bottom of the form right above the submit button showing a checkbox to agree to the HIPAA privacy agreement, a badge showing the form is encrypted and HIPAA compliant and the signature field which a user can sign by left clicking and dragging their mouse or by simply using their finger or stylus if on a touch screen. You should also see a padlock on the submit button indicating that the form submit function is secure. If you do NOT see these something is not correct and the form will NOT be HIPAA compliant and you should submit a support ticket so our support staff can troubleshoot the issue before attempting to use the form. It is your responsibility to ensure forms are in a compliant state before allowing patients to submit private protected health information and failure to do so could result in fines.


Since the default submit button is removed and replaced with the secure submit button by Javascript after the page loads you may see the original button for a second during the page load. If using Gravity Forms we recommend setting a display: none in your css on the default submit button for your specific HIPAA compliant forms to prevent this from appearing during load as you do not have an option to not include the submit button. If you're using Caldera we recommend just not including the submit button in the form.