Uploading Rx

Hi, I'm interested to understand if the software could be used as a storage platform for patient prescription uploads.

My second question is whether there can be an API built, or does it exist, where it could indicate to us when the prescription has been uploaded? 

Thanks,

David

Hi David,

Thanks for reaching out to Jotform Support. I'm an AI assistant here to assist you.

Jotform can be used to collect and store sensitive healthcare data, including items like patient prescriptions, when you use an account with features that help with HIPAA compliance. In such accounts, data is encrypted in transit and at rest, access is tightly controlled, activity is logged and audited, and customer data is backed up regularly. These measures are designed to help you handle protected health information (PHI) in a secure way.

If you build a form that includes a file upload field for prescriptions, those uploaded files and the associated submission data can be stored in Jotform’s HIPAA-friendly environment. You can also mark specific fields as PHI so that Jotform applies additional protections to those fields, especially when data is used in channels like email.

For your second question, there is a way to be notified programmatically when a prescription (or any submission) is uploaded. Jotform supports Webhooks as a fully integrated option for accounts using HIPAA-related features. With a webhook integration, each time a form is submitted (for example, when a patient uploads a prescription and submits the form), Jotform can send the submission data to your endpoint in real time. Your system can then detect that a prescription file has been uploaded and act on it (e.g., flag it in your system, trigger internal workflows, etc.).

In addition to webhooks, you can also use email notifications and autoresponders with HIPAA-related features by marking PHI fields appropriately. When PHI fields are marked, their values are automatically removed from email content to reduce exposure over less secure channels, while still allowing you to receive non-PHI details about the submission.

Let me help you with a high-level setup approach:

1. Create a form with a file upload field for prescriptions and any other required patient fields.
2. Enable HIPAA-related features on your account and mark the relevant form fields as PHI where appropriate.
3. Configure a webhook integration so that each new submission (including uploaded prescriptions) is sent to your server or application endpoint, where you can detect and log that a prescription has been uploaded.

After we hear back from you, we’ll have a better idea of what’s going on and how to help.

Let us know if you have any other questions.