Flagship · HIPAA-minded
WP Secure Forms
A form builder for sites that handle sensitive data. Submissions are encrypted and stored only in your AWS backend — never in the WordPress database, never on your web host.
Most hosting isn't covered by a Business Associate Agreement, which makes patient data in the WordPress database a genuine liability. WP Secure Forms is built so that data never lands there in the first place.
- PHI never touches WordPress — straight to encrypted AWS (KMS + RDS)
- Fail-closed: blocks the submission rather than storing it insecurely
- Drag-and-drop builder with full conditional logic
- PHI-free notifications — field data can't be emailed
- Per-form access control and mandatory two-factor auth
- Automatic idle logoff for anyone who can view submissions
- Complete audit trail — who viewed what, and when
- Soft deletes with a required reason (records are retained)
- Import your existing Gravity Forms
- Elementor and Avada elements, plus a shortcode