Security FAQ

Explore our FAQ for answers to the most common security questions from GoFormz users.

Updated over a week ago

Can other GoFormz customers gain unauthorized access to my personal data?

GoFormz is a multi-tenant provider. This means that services and storage are frequently shared between customers, but not data. This is an industry standard practice in cloud computing, and GoFormz has taken extensive measures to ensure that you control who has access to your data.

Where is my data stored?

GoFormz is built on Microsoft Azure. Your data is stored in a physically secure Azure data center.

Is my data backed up for protection?

GoFormz performs full backups each day at 1AM PST. All daily backups are stored securly in Azure data centers. Daily backups are stored for 30 days. Point-in-time recovery is enabled on every GoFormz database, and restore points are created every 15 minutes. Restore points are saved for two weeks.

In addition, Azure maintains three replicated copies of every database. The replicated copies are all located in the same physical data center. For those customers that require higher availability, cross-region replication is available as an add-on feature to the Enterprise Edition of GoFormz.

Is my data encrypted?

GoFormz encrypts all data passing to and from the data center. We currently use TLS version 1.2.

Encryption for data at-rest is available if needed.

For additional details on the security provided by Azure click here.

Does GoFormz personnel have access to my data?

While rare, there are cases where GoFormz personnel may need to directly access customer data. For example, a customer may request information from our technical support team about previously deleted data. Developer Support may also need to troubleshoot issues specific to an account. This access is limited to a select few senior members of the Technical Support and Developer Support teams and is granted on an as-needed basis.

While certain GoFormz personnel will always have some access to the customer databases, Enterprise subscribers have the option to “mask” the actual form data. This allows GoFormz to troubleshoot and debug without being able to see the actual data collected by the customer.

Is GoFormz HIPAA compliant?

GoFormz is a HIPAA compliant business as of July 2019.

How does GoFormz move information between GoFormz and third-party integrations?

To ensure that your data is always secure, any data pulled from third-party integrations utilizes access granted to GoFormz via the OAuth connection. All data is encrypted - both at rest, and during transmission between systems.

Data is saved to GoFormz's internal data stores during each step of the Workflow to allow us to facilitate the flow of user data. GoFormz coordinates data between connections when required for the user-designated Workflow setup.

When multiple providers are required, each GoFormz will never connect to providers to one another, or share your credentials between providers. Instead, each provider is communicated with separately using the user-provided credentials.

Did this answer your question?