← Back to portfolio

SecureForm Keeps Medical Form Data Safe

Published on

One of the challenges facing organizations that send sensitive medical or mental health data via online forms is the need to make sure the data is sent securely. Failure to secure the information transmitted in forms could put patients’ private data at risk from hackers.

SecureForm by LuxSci (the company’s full name is Lux Scientiae) is one solution in this age of increasingly sophisticated hackers. SecureForm can help practitioners of online therapy and coaching ensure that sensitive client and patient information is secure and safe from data breaches. Whether your practice transmits medical forms and legal documents, or receives data via contact forms or customer request forms, SecureForm can deliver data from your forms in many formats, including plain text, tabular HTML, XML, PDF, text/HTML Template, or CSV (Excel).


Most organizations in the medical and health services field mandate that forms be HIPAA-compliant. SecureForm’s helpful Form Builder tool allows you to organize, manage, and store all those forms in one place. Form Builder lets you create and host fully HIPAA-compliant web forms. Since the forms are encrypted, the data is protected during transmission. The level of security can be augmented with custom CSS and Java Script.

Setup and Configuration

SecureForm integrates with existing web or PDF forms; existing forms can be created in any computer language. The Form Builder also allows forms to be built from scratch or from a template.

Creating forms with the Form Builder involves using a web interface to create the form and configure where the data from the form will be sent. The form is pointed to a web address provided by the company. Destinations include regular or secure email, LuxSci’s SecureChat service, a MySQL database that can be accessed online, a WebAide document (the company’s proprietary format), or an FTP/SFTP server.

SecureForm isn’t designed for IT professionals, so it’s good to know the Form Builder can be used without needing any programming skills. Those who need to update existing external web forms will have to edit a couple of lines of HTML code to redirect the form submission to SecureForm’s server. Some coding may be necessary if your forms are managed with Gravity Forms for Wordpress.

End-User Experience

Whether the form is set up as a page on your website, created using SecureForm’s Form Builder, or a PDF, the process is the same from the perspective of the end user. The user fills out the web form and presses the Submit button. The data is sent securely to LuxSci. The user is then directed to a “Success” page or a “Failure” page on your website.

Handwritten Signatures

One nice feature of SecureForm is called Ink Signatures, which allows users to sign documents in their own handwriting using a mouse, a stylus, or a touchscreen, depending on the device. Handwritten signatures are easier to implement than digital signatures and they provide stronger proof of identity than simply requiring the user to check a box.

The Ink Signatures feature is compatible with all popular browsers, including Internet Explorer, Firefox, Safari, Chrome, and Opera. It’s also compatible with iPhones, iPads, iPod Touch, and all Android-based touchscreen devices.


Potential customers can try SecureForm for free for 30 days. Large and small practitioners will find SecureForm to be affordable, with monthly pricing starting at just $25 for a Starter account, which includes three forms and up to 1,000 daily form posts. The Professional account is $50 per month and includes 25 forms and up to 5,000 daily form posts. Larger organizations can choose the Enterprise account for $110 a month, which includes 100 forms and up to 10,000 form posts each day. Organizations needing even more forms, more daily posts, or dedicated SecureForm processing servers can contact LuxSci for pricing.