Web Services

Formstack

Formstack Usage Guidelines

Formstack is a web form management tool. It allows you to quickly and easily build standards compliant and accessible web forms.

In an effort to meet compliance with federal regulations the following guidelines have been set for the use of Formstack at MDC. These guidelines layout the basics of certain types of information that should not be collected via web forms.

Do not ask for any of the following information on forms:

  • Social Security Number
  • MDID
  • Credit Card Information
  • Religion
  • Criminal background
  • Citizenship
  • Disciplinary status
  • Ethnicity
  • Gender
  • GPA (grade point average)
  • Marital status
  • Grades/exam scores
  • Standardized test scores
  • Actual number of hours enrolled

Asking for this information is allowed:

MDC designates the following information as "directory information".

  • Name
  • Address (school and permanent)
  • Telephone Number
  • E-Mail Address
  • Date of birth
  • Major field of study (including current classification, year, credit load and number of academic credits earned toward degree)
  • Dates of attendance (matriculation and withdrawal dates)
  • Degrees and awards received (type of degree and date granted)
  • Most recent previous educational agency or institution attended. Participation in officially recognized activities and sports, and weight and height of members of athletic teams.

Do not collect information you do not need.

  • Additionally try not to collect information that is in a system that you already have access to, such as Odyssey or PeopleSoft.

Use mdc.edu email addresses.

If you are sending the data from your form to an email address, that email address must end in mdc.edu. Ideally, you would want to send those submissions to a generic account where multiple people have access to check. To request a generic account, please contact the Information Security team.

Notify users if third parties are involved.

If the information you are collecting is to be sent to others or shared with a 3rd party please make a statement on the form indicating with whom the information will be shared.

FERPA

The Family Educational Rights and Privacy Act (FERPA) is a federal law that protects the privacy of student education records such as grades, transcripts, disciplinary records, contact and family information, and class schedules. All educational institutions that receive federal funding must comply with FERPA. Find out more about FERPA guidelines.

HIPAA

Health Insurance Portability and Accountability Act (HIPAA), is a law designed to provide privacy standards to protect patients' medical records and other health information provided to health plans, doctors, hospitals and other health care providers.

Formstack is not HIPAA certified. This means that no patient related information should be collect by any form managed with Formstack.

Contact Us

Questions about Formstack? Please send us a note and we’ll be happy to address your concerns.