sECURITY

The trusted form building and data collection solution.

FormAssembly offers robust security features with best-in-class operational standards combined to help organizations collect, connect, and protect sensitive data while ensuring compliance with the most rigorous requirements.

Robust Security Features

Security Certifications

A unique combination of secure product features and certified operational standards enables organizations to reduce risk, improve privacy, and protect their business and customers.

Sensitive Data Processing

The FormAssembly Data Collection Platform supports the most stringent compliance and regulatory requirements.  From data localization to handling PHI, FormAssembly has you covered.

Trusted Infrastructure

Built on the best available technology and hosted on AWS, renowned for its relentless commitment to security, FormAssembly provides you with an ironclad defense and unparalleled scalability.

Documentation you can trust

Everything you need to know about FormAssembly’s security and compliance in one location.

Security Resources

secure form solution practices

Digital Data Collection & Security

data collection security checklist

Data Collection Security Checklist

Where in the World Is Your Data?

Frequently Asked Questions

Why should I be concerned about secure data collection?

The FBI’s Internet Crime Report shows increases in ransomware attacks and phishing and losses totaling $10.3 billion in 2022*. That represents a 49% increase over the previous year. An incomplete security stance can leave your organization, and your customer’s data at risk of data breach and malware attacks.

Securing your data isn’t only about avoiding financial costs and fines, it’s about gaining and maintaining customer trust. Protecting respondent data from the moment of collection is good practice for your organization and the audiences you serve.

*Source: https://www.ic3.gov/Media/PDF/AnnualReport/2022_IC3Report.pdf

Can I control where my data is stored? 

This is a good question to ask any data collection provider. With select FormAssembly plans, you have your choice of 7 AWS regions around the world, hosting your data and backups securely.

If your organization does business globally, you may be impacted by regional data laws and regulations. We can help you manage your data localization requirements so you can scale.

Download Data Residency Checklist

What compliances does FormAssembly follow?

FormAssembly is PCI DSS Level 1 Certified and is compliant with GDPR, HIPAA, FERPA, the Australian Federal Privacy Act and Australian Privacy Principles. Our E-Signature feature is also compliant with the Australian Electronic Transactions Act. Our Government plan is FedRAMP Ready. 

Our policies, procedures, and standards reference best practices of: ISO, FFIEC, GLBA, HIPAA, PCI DSS, NIST, NYDFS, Privacy Act 1988

View Trust Center

Where can I learn more and request security documentation?

You can request and view FormAssembly’s security and compliance documentation in our dedicated trust center. 

Visit Trust Center

Let’s talk about secure data collection for your organization.