At Cognito Forms, we’re concerned about your privacy and the security of your form data. Below are the measures we take to ensure that your data is safe:
Cognito Forms uses TLS 1.2/SSL encryption and is always accessed over HTTPS 100% of the time for all users.
Cognito Forms is hosted securely on the Microsoft Azure cloud platform, which is PCI (DSS) Level 1 and HIPAA compliant. We also have a HIPAA BAA with Microsoft.
Cognito Forms is HIPAA compliant, and offers a business associate agreement for organizations seeking to securely communicate with patients via registration forms, appointment scheduling, refill requests, etc.
Access to our production environment is limited to select operations security staff, requiring two-factor authentication to deploy updates or access a secure system for limited troubleshooting.
Customer data is carefully segregated at the lowest architectural level in Cognito Forms to ensure that data for one organization cannot be accessed by another.
We partner with PayPal, Stripe, and Square for credit card processing so that secure payment information is never transmitted or stored by Cognito Forms. We also take measures to prevent malicious scripts on sites we are embedded in from stealing this information.
The Cognito Forms architecture is unique and highly specialized for massive scale while maintaining data isolation. It does not use transactional databases and is not vulnerable to SQL injection attacks.
Production access credentials for storage and encryption tokens used to encrypt sensitive organization data are stored in an Azure credential store and are not stored within our own development environments.
Sensitive data, such as Social Security numbers and other personally identifiable information, is required to be encrypted at rest using 256-bit AES encryption. It must also be protected so that it is never emailed or otherwise transmitted in an insecure way. Any field type can be encrypted and/or protected, including uploaded files and sections.
Cognito Forms uses opportunistic TLS encryption when sending email to always encrypt messages when supported by downstream servers. For HIPAA organizations, we recommend that PHI be marked as protected so it is not sent via email for any reason and remind organizations that explicit patient consent is required for sending PHI via email.
We know that there are evolving threats to data security, and we will continue to refine our processes to ensure the safety of our customers’ data in Cognito Forms.