wiki/clients/current/new-dawn-shine/2026-03-24-hipaa-compliant-contact-form.md · 454 words · 2026-03-24

HIPAA-Compliant Contact Form — Jane App Embed

Overview

New Dawn requires HIPAA-compliant handling of client contact data. The question arose during site build: how to handle the contact form on the website given that standard form tools (Gravity Forms, Google Forms) are not HIPAA-compliant out of the box.

The agreed solution is to embed a form directly from Jane App — New Dawn's existing HIPAA-compliant CRM — so that data is stored in a compliant environment from the moment of initial entry.

The Compliance Requirement

New Dawn's HIPAA obligation is nuanced:

A contact form submission is not HIPAA-protected at the time of submission
Once a person signs on as a client, any prior communication and data they submitted retroactively falls under HIPAA protection
This means data collected via a standard web form could become a compliance liability after the client relationship begins

Rather than building a workflow to delete or migrate pre-client form data after sign-on, the simpler approach is to route all contact data into a HIPAA-compliant store from the start.

Solution: Jane App Form Embed

Jane App is a therapist-focused CRM that New Dawn already uses. It is built with HIPAA compliance by design, including secure data storage.

Approach:
- Embed a Jane App form (or sign-up flow) directly on the New Dawn contact page
- Data flows from the embedded form into Jane App's HIPAA-compliant database immediately
- No intermediate storage in a non-compliant system

This sidesteps the complexity of making Gravity Forms or Google Forms compliant (BAAs, encrypted storage configuration, etc.).

Why Not Standard Forms?

Option	HIPAA Compliant?	Notes
Google Forms	No	Not compliant out of the box
Gravity Forms	Not by default	Can be configured, but complex
Jane App embed	Yes	Compliant by design; data stays in Jane App

Open Items

[ ] Mark to research Jane App embed/integration options and confirm a form can be embedded on the contact page (^[1])
[ ] Confirm whether Jane App's embeddable form covers a generic "Contact Us" use case (vs. only appointment booking/sign-up flows)
[ ] If Jane App embed is not viable, evaluate API-based integration as a fallback

Context

Jane App is a Canadian company
The platform appears to have some integration options, but API access may be limited (similar to other healthcare-adjacent SaaS tools)
New Dawn's site is approximately 85% complete; the contact form is one of the remaining open items
New Dawn has expressed interest in continuing to work with the team post-launch (digital downloads, checkout, eventual marketing)

^[1]
^[2]