OnForm

Announcing HIPAA Compliance

Today OnForm is announcing that we have achieved HIPAA compliance, the U.S. national standard for health information security and privacy. As a compliant solution provider, OnForm is now in a position to readily sign a Business Associate Agreement (BAA) with healthcare customers across the United States. OnForm is committed to the protection of our customers’ data, and this is our latest effort to ensure our app meets the rigorous requirements of appropriate data protection regulations.

From the HHS website: "The HIPAA Privacy Rule establishes national standards to protect individuals' medical records and other individually identifiable health information (collectively defined as “protected health information”) and applies to health plans, health care clearinghouses, and those health care providers that conduct certain health care transactions electronically. The Rule requires appropriate safeguards to protect the privacy of protected health information and sets limits and conditions on the uses and disclosures that may be made of such information without an individual’s authorization."

Stephen Hancock, National Sales Director and our Data Security Officer, commented, “Our app provides greater transparency and data control to our customers and ensures our customers and their clients, patients and athletes that OnForm is serious about security and privacy. HIPAA compliance demonstrates that we are focused on privacy and unlocks many more opportunities to partner with therapists, doctors and other providers in a trusted, secure environment. Already used by hundreds of physical therapists in both private practice and within hospital systems, we intend to drive much broader adoption of our tools now that healthcare providers can be assured of our data security practices to protect sensitive personal data.”

While protecting personally identifiable information is primarily a requirement for health care and educational institutions, all of our customers are able to enjoy the benefits that HIPAA compliance provides and take comfort in knowing that their privacy and data protection are a priority.

Mr. Hancock further commented, “In addition to the many new features and enhancements made to the app in 2022, behind the scenes, we were also working on the ‘unseen’ - data security and privacy infrastructure policies and procedures to help protect you and those you work with. We are proud of this accomplishment and want to let you know we are not stopping there. We are working to add additional certifications that will further demonstrate our commitment to privacy and data security.”

In addition to HIPAA compliance, the OnForm privacy policy is also designed to demonstrate industry-leading privacy practices. We don't ever sell your data to third parties, and we guarantee that your data is your data: unlike many other apps and websites, we never claim ownership of it. Furthermore, we guarantee that we use your data only for the delivery of our services.

Ensuring customer trust is of utmost importance, and HIPAA compliance further demonstrates our commitment to you.



Unknown member
Mar 06, 2023

This is interesting - but since OnForm is not a HIPAA covered entity - this is somewhat false advertising. Covered entities are defined in the HIPAA rules as (1) health plans, (2) health care clearinghouses, and (3) health care providers who electronically transmit any health information in connection with transactions for which HHS has adopted standards.

OnForm is held to consumer privacy protection security regulations.

Mar 09, 2023

To be clear, we hold ourselves to the high standard of HIPAA compliance and because we transmit PII, as well as have significant demand from health care providers like physical therapists, occupational therapists and others, we went through a lengthy and rigorous process to adhere to HIPAA standards. Nothing false about operating with a high regard for data privacy and protection. Note that a covered entity is REQUIRED to be HIPAA compliant; we voluntarily chose to be.
