Healthcare & Medical Forms
Collect patient intake forms, consent forms, and medical questionnaires with end-to-end encryption. Zero-knowledge architecture keeps health data private from collection to decryption.

Healthcare providers, clinics, therapists, and medical researchers collect deeply personal information every day — diagnoses, treatment histories, mental health assessments, insurance details, and genetic data. This information is among the most regulated and most targeted data in existence.
Yet the tools most practices use to collect it — generic form builders, email attachments, even paper scanned into shared drives — treat health data no differently than a pizza order. The data sits in plain text on someone else's server, readable by the provider's staff, vulnerable to breaches, and subject to government data requests.
Schweizerform was built for exactly this gap. Every submission is end-to-end encrypted in the patient's browser before it reaches our servers. We cannot read it. Nobody can — except you.
What Healthcare Organisations Collect with Schweizerform
Any form that touches patient or health-related data benefits from end-to-end encryption. These are the most common use cases we see:
- Patient intake and registration — collect personal details, contact information, and medical history before the first appointment
- Medical questionnaires — pre-visit symptom assessments, pain scales, lifestyle and risk factor surveys
- Mental health screenings — depression, anxiety, and substance use assessments where confidentiality is critical to honest responses
- Informed consent forms — surgical consent, treatment authorisation, and clinical trial participation agreements
- Insurance and billing — policy numbers, claims information, and payment authorisation details
- Referral forms — inter-provider communication containing diagnoses, treatment plans, and patient summaries
- Patient feedback and complaints — post-visit satisfaction surveys and formal grievance submissions
- Research data collection — clinical study questionnaires and participant-reported outcomes
Why Health Data Needs More Than a Privacy Policy
Health data is different from other personal data. A leaked email address is an inconvenience. A leaked diagnosis, mental health record, or HIV status can damage someone's career, relationships, and insurability. The harm is irreversible — you cannot "un-leak" a medical record.
This is why regulations around health data are stricter than general data protection laws, and why the penalties for mishandling it are severe. But compliance is only part of the picture. The real question is whether your data collection tool is architecturally capable of protecting the data — or whether it simply promises to.
Plain text is the default
Most form tools — including well-known names — store health data as plain text in their databases. If the provider is breached, subpoenaed, or simply has a misconfigured access control, every patient submission is exposed in full.
A privacy policy says "we won't look at your data." End-to-end encryption says "we can't look at your data." For health information, that distinction matters.
How Schweizerform Protects Patient Submissions
When a patient fills out your form, all encryption happens in their browser — before any data is transmitted. Here's what the process looks like:
Patient opens the form
The form loads in their browser along with your form's public encryption key. No account or login is required for the patient.
Data is encrypted locally
When the patient submits, their browser generates a one-time AES-256-GCM key, encrypts all answers and file attachments, and wraps the key with your form's RSA public key. This all happens client-side.
Only ciphertext reaches the server
The encrypted payload is transmitted over HTTPS and stored on our servers in Switzerland. The server never sees the decryption key and has no way to read the content.
You decrypt with your Access Code
When you log in and enter your Access Code, your browser derives your private key locally and decrypts the submissions. Decryption happens entirely in your browser — the server is not involved.
File attachments — lab results, scanned documents, images — follow the same encryption flow. They are encrypted in the patient's browser before upload. Filenames are randomised server-side so even the file names are not visible to us.
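The flow described above, as an added example that is not Schweizerform's own code: a one-time AES-256-GCM key encrypts the answers and is wrapped with the form's RSA public key through the Web Crypto API, and a modified ciphertext is rejected on decryption. RSA-OAEP with SHA-256, the 2048-bit modulus, the 12-byte IV, the record layout and the generated key pair standing in for the Access Code derivation are assumptions; all function names are hypothetical.

```javascript
// Added illustration, not Schweizerform's code. Assumptions: RSA-OAEP/SHA-256,
// 2048-bit modulus, 12-byte IV, record layout. Function names are hypothetical.
async function getCrypto() {
  // Browsers and recent Node expose globalThis.crypto; older Node needs the import.
  return globalThis.crypto ?? (await import('node:crypto')).webcrypto;
}

// Form owner: the page derives the private key from the Access Code; that
// derivation is not documented there, so a generated pair stands in for it.
async function generateFormKeyPair() {
  const { subtle } = await getCrypto();
  return subtle.generateKey(
    { name: 'RSA-OAEP', modulusLength: 2048,
      publicExponent: new Uint8Array([1, 0, 1]), hash: 'SHA-256' },
    false, ['wrapKey', 'unwrapKey']);
}

// Patient's browser: one-time AES-256-GCM key, wrapped with the form's public key.
async function encryptSubmission(publicKey, answers) {
  const c = await getCrypto();
  const aesKey = await c.subtle.generateKey({ name: 'AES-GCM', length: 256 }, true, ['encrypt']);
  const iv = c.getRandomValues(new Uint8Array(12));
  const plaintext = new TextEncoder().encode(JSON.stringify(answers));
  const ciphertext = await c.subtle.encrypt({ name: 'AES-GCM', iv }, aesKey, plaintext);
  const wrappedKey = await c.subtle.wrapKey('raw', aesKey, publicKey, { name: 'RSA-OAEP' });
  // Only these three fields leave the browser; the AES key itself is never sent.
  return { iv, wrappedKey: new Uint8Array(wrappedKey), ciphertext: new Uint8Array(ciphertext) };
}

// Form owner's browser: unwrap the AES key, then decrypt. GCM rejects tampered data.
async function decryptSubmission(privateKey, record) {
  const { subtle } = await getCrypto();
  const aesKey = await subtle.unwrapKey('raw', record.wrappedKey, privateKey,
    { name: 'RSA-OAEP' }, { name: 'AES-GCM', length: 256 }, false, ['decrypt']);
  const plaintext = await subtle.decrypt({ name: 'AES-GCM', iv: record.iv }, aesKey, record.ciphertext);
  return JSON.parse(new TextDecoder().decode(plaintext));
}

// Round trip on a constructed submission, plus a one-bit change to the stored ciphertext.
async function demo() {
  const { publicKey, privateKey } = await generateFormKeyPair();
  const answers = { name: 'Test Patient', phq9Score: 7 }; // constructed sample data
  const record = await encryptSubmission(publicKey, answers); // what the server stores
  const decrypted = await decryptSubmission(privateKey, record);
  const tampered = { ...record, ciphertext: record.ciphertext.slice() };
  tampered.ciphertext[0] ^= 0x01;
  const tamperRejected = await decryptSubmission(privateKey, tampered).then(() => false, () => true);
  return { record, decrypted, tamperRejected };
}
```

The stored record holds the IV, the RSA-wrapped key and the ciphertext with its 16-byte GCM tag; without the private key none of it yields the answers.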
Regulatory Landscape for Health Data
Health data is subject to sector-specific regulations in most jurisdictions, on top of general data protection laws. The encryption model you use directly affects your compliance posture.
Switzerland — nFADP and cantonal health laws
The new Federal Act on Data Protection (nFADP) classifies health data as "sensitive personal data" requiring enhanced protection. Many cantons impose additional obligations on healthcare providers, including requirements around data processing, storage, and patient consent. End-to-end encryption with Swiss-hosted infrastructure aligns with both federal and cantonal expectations.
European Union — GDPR
Under GDPR, health data falls under Article 9 (special categories of personal data) and requires explicit consent and appropriate safeguards. Article 32 specifically names encryption as an appropriate technical measure. Importantly, encrypted data that is unintelligible to unauthorised parties may reduce or eliminate breach notification obligations under Article 34.
United States — HIPAA
HIPAA's Security Rule requires covered entities and business associates to implement technical safeguards for electronic protected health information (ePHI). Encryption is an "addressable" requirement — meaning you must either implement it or document why an equivalent alternative is in place. End-to-end encryption satisfies both the transmission and storage provisions of the Security Rule.
Breach safe harbour
Under both GDPR and HIPAA, properly encrypted data that is involved in a security incident may qualify for a breach notification safe harbour — meaning you may not be required to notify affected individuals if the data was rendered unreadable through encryption.
Schweizerform vs Typical Form Tools for Healthcare
| Capability | Schweizerform | Typical form tools |
|---|---|---|
| Submission encryption | End-to-end — encrypted in the patient's browser | None or encryption at rest (server holds the key) |
| File attachment handling | Encrypted client-side, filenames randomised | Uploaded and stored in plain text |
| Provider access to data | Impossible by design (zero-knowledge) | Full access — employees can read submissions |
| Data hosting | Switzerland | Varies — often US-based cloud providers |
| Breach exposure | Ciphertext only — no usable data exposed | Full plain-text exposure of all submissions |
| Patient login required | No — patients submit without an account | Varies — some require accounts |
| Regulatory alignment | nFADP, GDPR Article 32, HIPAA Security Rule | General terms of service only |
Practical Considerations
No patient accounts required
Patients do not need to create an account or install anything. They receive a link, fill out the form in their browser, and submit. The encryption is invisible to them — it happens automatically in the background.
Works on any device
Schweizerform uses the Web Crypto API — a standard built into every modern browser. Patients can submit from a phone, tablet, or desktop. There is nothing to download and no browser extension required.
Your Access Code is your key
Your Access Code derives the private key that decrypts submissions. It is never sent to our servers and never stored in plain text. If you lose it, we cannot recover your data — that is the trade-off of genuine zero-knowledge security. We recommend storing your Access Code in a secure password manager.
Access Code responsibility
Because Schweizerform cannot access your encryption keys, we cannot recover data if your Access Code is lost. Treat it with the same care as a master password.
File uploads
Patients can attach documents — scanned referrals, lab results, insurance cards, ID copies — directly through the form. Each file is encrypted individually in the browser before upload. The server stores only encrypted blobs with randomised filenames, so even the nature of the attachment is not visible server-side.
Who Uses Schweizerform for Healthcare
Schweizerform is used by healthcare professionals and organisations that need to collect sensitive information without exposing it to third-party infrastructure:
- General practitioners and specialist clinics collecting patient intake forms digitally
- Psychologists, psychiatrists, and therapists using encrypted questionnaires for intake and progress tracking
- Physiotherapy and rehabilitation centres gathering pre-treatment assessments
- Dental practices collecting medical history and consent forms
- Hospitals and care facilities processing referral and admission paperwork
- Clinical researchers collecting participant-reported data under institutional review board protocols
- Health insurers and brokers collecting policyholder information securely
Health Data Deserves Real Protection
Patients trust you with some of the most private information they will ever share. The tools you use to collect that information should reflect that trust — not with promises, but with architecture that makes misuse impossible.
Schweizerform gives you encrypted forms that are as easy to use as any other form builder, with a security model that ensures patient data is private from the moment it leaves their device. No plain text on any server, no access by any third party, no exceptions.
End-to-end encryption is included on every Schweizerform plan, including the free tier. Start collecting patient data securely today — no credit card required.