Hey @richard.briddock,
Thank you @hesh_fekry for tagging Jessica. I’m sure she’ll have insights she can share.
As we wait for Jessica to share insights from her extended experience, I’ve done some research to help narrow your search by looking for answers to two main questions.
First question: Does Google Forms offer an HIPAA compliant solution?
Specifically Google Forms.
Many smaller than enterprise orgs rely on Google’s high quality solutions, and I personally remembered Google Forms being used by past and current healthcare providers. So I assumed there must be some level of HIPAA compliance.
I found background info from the HIPAA Journal:
Is Google Forms HIPAA Compliant?
No software solution can be truly HIPAA compliant, as HIPAA compliance depends on the actions of users. However, Google does support HIPAA compliance and Google Forms is covered by its business associate agreement. Therefore, Google Forms can be considered a HIPAA compliant solution that is suitable for use in healthcare.
hipaajournal.com also has practical advice along with current news on HIPAA compliance available for immediate reading.
I also found Google for Work’s HIPAA Compliance & Data Protection with Google Apps guide.
A PDF on Google Apps for Work HIPAA implementation. Breaks down using Google services with PHI, additional considerations you should make for HIPAA compliance and security audits. It can help you see how you can make specific Google Apps core services work for you.
You can get in contact with Google to confirm pricing. I cannot confirm their pricing, if any, and their team usually replies to pricing questions to help inform your decision.
Second question: Are there other solutions with non-enterprise pricing?
I reviewed and compiled a short list of best possible solutions without enterprise pricing to help narrow your search a bit.
- Jotform - HIPAA compliance available in Silver ($39/month, annually) and Gold ($99/month, annually) tiers. No additional fee.
- Zoho Survey - May provide HIPAA compliance in their Pro ($35/month, annually) tier, but cannot confirm.
Other solutions either have HIPAA compliance listed clearly (at enterprise level as you mentioned) like SurveyMonkey, while some do not list it at all. You may need to reach out and confirm with several providers.
This should help narrow down your search,
Tania