No matter what kind of WordPress site you’re running you’ll have some kind of form on your site for collecting user information. This could be a simple contact form, a lead generation form, a donation form, and many others. This look at the Secure Forms plugin could help to keep this ‘open window’ on your site shut for good.

For a lot of website owners, the standard form security protocols built into most form plugins will be enough. However, when you’re running a business that collects sensitive personal, health, and financial information, you need a more secure solution to keep your user’s data safe. Not only does this ensure you keep your reputation intact if there is a data breach, but it can also help you avoid fines and other legal troubles.

Below, we’ll take a detailed look at the Secure Forms plugin and highlight its core feature set so you can decide if this form plugin will add the encryption and compliance your website needs.

Why You Need Compliant WordPress Forms

Having secure and compliant forms is a must-have for certain types of WordPress sites. If you just have a simple WordPress blog or don’t collect personal or sensitive information through forms, you can probably get away with using a typical WordPress form plugin.

However, suppose your site collects sensitive health, personal, or financial information. You need to ensure you’re doing everything you can to keep this information safe both during the form transmission and storage process.

For example, let’s say you’re a medical clinic with thousands of patient records. With a standard online form, this data isn’t secure. If there’s a data breach, this can lead to HIPAA violations, legal issues, and a complete loss of trust from your patients.

A security breach means a lot more than just fixing the hack. It can ruin your reputation, lead to lost clients, and incur thousands in fines, legal bills, and security fixes.

The solution is to simply secure your WordPress forms the first time around. It’s a small expense to pay, considering the costly consequences of using unsecured forms.

Introducing Secure Forms: An Easy Way to Make Your Forms Encrypted and Compliant

Secure Forms is an addon for the Forminator form plugin (and soon Gravity Forms). It enhances the security of the existing form plugins by adding encryption and other security functionality.

The Secure Forms plugin homepage.

Most form plugins have basic security features such as reCAPTCHA and spam protection. But, for businesses that collect sensitive information and data, this standard protection isn’t enough.

This plugin helps to protect the sensitive data you’re collecting while also meeting privacy regulations. If your website collects sensitive medical, financial, or personal information, this plugin will ensure the data is transmitted and stored safely.

Here’s an overview of some of the core features:

  • It makes your form submissions HIPPA compliant and encrypted.
  • You have the option to sign a Business Associate Agreement (BAA) to achieve HIPAA compliance.
  • It meets the encryption standards for medical, education, and legal.
  • You have control over user roles for form viewing and data access.
  • Automated logs are kept for every single action taken in relation to your secure forms.

Now, let’s look at these features more in-depth, starting with its key selling point.

High-Level Encryption and Security

Secure Forms has high-level encryption standards that meet the requirements across multiple industries, including education (FERPA), legal (ABA Model Rule 1.6), and HIPAA compliance. Plus, your form data is encrypted twice via AES-256 encryption: once when the data is submitted, and again when the form data is at its storage location on a secure AWS server.

The API will only function when your license and domain name match the signed Business Associate Agreement (BAA) for that domain, regardless of whether the plugin is used for HIPAA compliance or other purposes.

Automated Form Notifications and Secure Form Logs

Whenever you get a form entry, you’ll receive an email notification. The email doesn’t contain any personal user information, so user privacy is maintained. But, it does help keep you in the loop of your latest form entries. If you’re on the free plan, you’ll receive an alert when your supported form entries are getting low.

A log is created whenever someone views a form or exports any form data. This log includes who viewed the form, their IP address, and why they accessed the data. These logs can’t be deleted, so data can’t be tampered with. This is required to achieve HIPPA compliance.

Only admins and specified user roles can view the plugin and form data to ensure your data is only accessed by the right people. You can also download and export your form submissions to keep physical records for your patients, students, and clients.

How Much Does Secure Forms Cost?

Secure Forms has both a free and premium version available. The free version of the plugin supports a single form and up to 25 encrypted transmissions a month. It can also sign a BBA and gives you access to basic support.

If you only have a single site to support and only need a handful of encrypted form transmissions a month, you can probably get away with using the free version. If you do use the free version, you’ll be alerted before your 25 free submissions are up.

The plugin’s premium version builds on this feature set and supports unlimited forms, submissions, and notifications. You can sign unlimited BAAs, and you get access to priority support.

Pricing and feature breakdown of the free and premium versions of the Secure Forms plugin.

Pricing is very straightforward and costs $25 per month. For an additional $15 per month, you can opt to have file upload and storage. However, this isn’t necessary to achieve form compliance.

Is the Secure Forms Plugin Right for Your Business?

Overall, Secure Forms is an ideal plugin if you need to add encryption and compliance functionality to your Forminator forms. Soon, this extension will also be available for users of Gravity Forms, which is excellent given the user base of that plugin.

If you’re collecting sensitive personal, financial, and health-related information, this plugin will help you do so in a few simple steps. Plus, it’s affordable when you consider the disastrous consequences of not keeping user data safe and secure. You can always give the free plugin a try to ensure it provides the features and functionality your business needs.

Will Secure Forms feature on your own WordPress site? Share your thoughts and experience in the comments below!