BAA Signed — HIPAA Compliant

HIPAA-Compliant Clinical Assessments

200+ validated clinical assessments built for US practitioners. DSM-5 aligned ADHD assessments, standardized screening tools, and outcome measures — all with instant scoring, US data residency, and neurodivergent-friendly design.

US Data Residency

AES-256 Encryption

Business Associate Agreement

Free to Start

Start Free — No Credit Card Browse All Assessments

US clinician reviewing patient assessments on a tablet with data security lock symbol

Built for HIPAA Compliance

ClientForms implements the administrative, physical, and technical safeguards required by the HIPAA Security Rule to protect your patients' health information.

Technical Safeguards

AES-256 encryption at rest, TLS 1.2+ in transit, unique user authentication, automatic session timeouts, and comprehensive audit logging for all PHI access.

Administrative Safeguards

Designated Privacy Officer, workforce training, risk assessments, incident response procedures, and Business Associate Agreements with all data handlers.

Physical Safeguards

US-region data centers with SOC 2 Type II certification, facility access controls, workstation security policies, and device and media controls for PHI protection.

200+ Clinical Assessments Available

Comprehensive assessment library covering psychology, occupational therapy, and allied health — from ADHD screening to OT functional assessments and outcome monitoring. All HIPAA-compliant with instant scoring.

ADHD Assessment (DSM-5)

Full DSM-5 aligned diagnostic interview with criterion grouping and instant scoring

AQ-10 Autism Screening

Quick 10-item autism spectrum screening with validated cutoffs (88% sensitivity)

Free Test Available

GAD-7 Anxiety

Generalized Anxiety Disorder 7-item scale (89% sensitivity, 82% specificity)

Free Test Available

PHQ-9 Depression

Patient Health Questionnaire 9-item depression screen (88% sensitivity)

Free Test Available

DASS-21

Depression, Anxiety, and Stress Scale — 21-item version with severity cutoffs

Outcome Monitoring

K10 / CORE-10

Kessler Psychological Distress Scale and CORE Outcome Measure for routine monitoring

Outcome Monitoring

Try free self-tests →Learn about measurement-based care →View all 200+ forms →OT insurance report template →

Measurement-Based Care Made Simple

Fewer than 20% of behavioral health clinicians use routine outcome measurement — yet research shows it significantly improves client outcomes. ClientForms makes it easy.

Track Progress Over Time

Administer PHQ-9, GAD-7, or DASS-21 at intake and regular intervals. Auto-scored results show whether treatment is working.

Document for Payers

Insurance companies increasingly require measurable outcomes. Scored assessments provide the documentation you need.

No EHR Switch Required

Add outcome tracking to your existing workflow. Send assessments via link, email, or tablet — results are scored instantly.

Free to Start

10 scored responses per month on the free tier. No credit card, no commitment — try it with your next client.

US Data Residency

Patient data from US practitioners is stored exclusively in US-region data centers. No PHI is transferred outside the United States.

Encryption at Rest

All patient data encrypted with AES-256 at rest in US-region infrastructure. Encryption keys managed through industry-standard key management services.

Encryption in Transit

TLS 1.2+ enforced on all connections. HSTS headers prevent protocol downgrade attacks. No unencrypted data transmission.

Access Controls

Role-based access control (RBAC), unique user authentication, automatic session timeouts, and multi-factor authentication support.

Audit Logging

Comprehensive audit trail for all PHI access and modifications. Logs retained for 6 years per HIPAA requirements.

Your Compliance Responsibilities

What ClientForms Handles

US-region data storage and encryption (AES-256 at rest, TLS 1.2+ in transit)
Business Associate Agreement with infrastructure providers
Automatic session timeouts and access controls
Audit logging for all PHI access
Breach notification procedures per HIPAA requirements
Regular security assessments and vulnerability scanning
Secure backup and disaster recovery

Your Responsibilities

Ensure your use of ClientForms is covered by your own HIPAA compliance program
Obtain appropriate patient consent before administering assessments
Use strong, unique passwords and enable MFA on your account
Access patient data only on secure, authorized devices
Report suspected security incidents to ClientForms promptly
Maintain your own HIPAA policies and workforce training
Sign the Business Associate Agreement for your organization

Frequently Asked Questions

Is ClientForms HIPAA compliant?

Yes. ClientForms maintains a signed Business Associate Agreement (BAA) and implements all required HIPAA administrative, physical, and technical safeguards for protecting PHI.

Where is my patient data stored?

US practitioner data is stored in US-region data centers. Data is encrypted at rest (AES-256) and in transit (TLS 1.2+). No patient data is transferred outside the United States.

Does ClientForms provide a Business Associate Agreement (BAA)?

Yes. A signed BAA is available for all US practitioners on paid plans. Contact us to receive your copy.

What clinical assessments are available?

ClientForms offers 200+ clinical assessments including DSM-5 aligned ADHD assessments (adult and child), GAD-7 anxiety screening, PHQ-9 depression screening, AQ-10 autism screening, DASS-21, K10, CORE-10, and many more. All assessments include instant scoring and neurodivergent-friendly design.

How does ClientForms handle breach notification?

ClientForms follows the HIPAA Breach Notification Rule. In the event of a breach affecting unsecured PHI, we notify affected individuals within 60 days of discovery and report to the HHS Office for Civil Rights as required.

What is measurement-based care and how does ClientForms support it?

Measurement-based care (MBC) is the practice of routinely administering validated assessments — like the PHQ-9 or GAD-7 — to track client progress with objective data. ClientForms auto-scores these measures and tracks change over time, so you can see whether treatment is working without manual scoring or spreadsheets.

Do I need to switch my EHR to use ClientForms?

No. ClientForms works alongside your existing EHR. Send assessments to clients via link, email, or waiting room tablet. Results are scored automatically and available in your dashboard — no integration required.

Ready to try a different approach?

Quiet tools for focused work. Real impact for your patients.

Setup in 2 minutes

Cancel anytime

Email support

Create Free Account

No credit card required. Start with 3 forms and 10 patient responses.

Or try a free self-test →