At Cognito Forms, we’re concerned about your privacy and the security of your form data. Below are the measures we take to ensure that your data is safe:
Cognito Forms uses TLS 1.2/SSL encryption and is always accessed over HTTPS 100% of the time for all users.
Cognito Forms is hosted securely on the Microsoft Azure cloud platform, which is PCI (DSS) Level 1 and HIPAA compliant. We also have a HIPAA BAA with Microsoft.
Cognito Forms is HIPAA compliant, and offers a business associate agreement for organizations seeking to securely communicate with patients via registration forms, appointment scheduling, refill requests, etc.
Access to our production environment is limited to select operations security staff, requiring two-factor authentication to deploy updates or access a secure system for limited troubleshooting.
We do not look at entry data for our customers unless requested to through an official support request. The details of our concern over data privacy are detailed in our Privacy Policy.
Customer data is carefully segregated at the lowest architectural level in Cognito Forms to ensure that data for one organization cannot be accessed by another.
We partner with PayPal, Stripe, and Square for credit card processing so that secure payment information is never transmitted or stored by Cognito Forms. We also take measures to prevent malicious scripts on sites we are embedded in from stealing this information.
The Cognito Forms architecture is unique and highly specialized for massive scale while maintaining data isolation. It does not use transactional databases and is not vulnerable to SQL injection attacks.
Production access credentials for storage and encryption tokens used to encrypt sensitive organization data are stored in an Azure credential store and are not stored within our own development environments.
All text data stored by Cognito Forms is sanitized to prevent JavaScript injection attacks, which someone might attempt to leverage by submitting JavaScript as entry data to maliciously access other entry data by compromising our customers browsers when managing entries.
Sensitive data, such as Social Security numbers and other personally identifiable information, is required to be encrypted at rest using 256-bit AES encryption. It must also be protected so that it is never emailed or otherwise transmitted in an insecure way. Any field type can be encrypted and/or protected, including uploaded files and sections.
Cognito Forms uses opportunistic TLS encryption when sending email to always encrypt messages when supported by downstream servers. For HIPAA organizations, we recommend that PHI be marked as protected so it is not sent via email for any reason and remind organizations that explicit patient consent is required for sending PHI via email.
Cognito Forms customers can enable two-factor authentication (2FA) to add a second login step to their account. Additionally, organizations on the Enterprise plan level can require two-factor authentication for all users.
We know that there are evolving threats to data security, and we will continue to refine our processes to ensure the safety of our customers’ data in Cognito Forms.