Formstack guidelines

Formstack is the web form management tool the University uses on the main University website. This tutorial is designed to help you organize your Formstack forms in an easy-to-find manner. If you are interested in learning Formstack itself, please see Formstack's excellent tutorials here. If you are interested about ensuring that your forms are legal and follow FERPA Guidelines, please read the University FERPA Policy as well as the Data Storage Guidelines Page.

Requesting access

Access to Formstack requires completion of basic web accessibility training (annually) as well as approval of your dean or vice president. 

You can request Formstack access online

Usage guidelines

The following guidelines have been created for the use of Formstack at the University. The guidelines describe the types of information that should be collected via web forms.

  1. Do not collect any of the following information on forms:
    • Social Security Number
    • Credit Card Information
    • Protected Health Information (PHI)
  2. Confidential data, such as Personally Identifiable Information (PII) and Family Educational Rights and Privacy Act (FERPA) data, may be collected as long as the following security guidelines are followed.
    • Encryption must be enabled.
    • Authentication via NetID must be enforced.
  3. Examples of FERPA data elements are listed below.
    • Name
    • Participation in officially recognized activities and sports
    • Address
    • Telephone Number
    • Weight and height of members of athletic teams
    • Email address
    • Degrees, honors, and awards received
    • Major field of study
    • College
    • Dates of attendance
    • Date of graduation
    • Undergraduate and graduate status
    • Most recent educational agency or institutions attended
    • Enrollment status (full-time or part-time)
    • GPA (grade point average)
    • Grades/exam scores
    • Standardized test scores
    • Actual number of hours enrolled
  4. Do not collect information you do not need.
  5. Do not use the following Formstack components as they are not ADA accessible.
    • Date/Time - If the date is needed, add the separate boxes to collect the date and time.
    • Address Block - Create separate short answer boxes to collect address information
    • "Add Other" option for radio and checkboxes. Add a unique short answer box to collect "other" information.
    • Signature box - Create a required checkbox with an agreement and a textbox where the user types their name.

Data storage

  • Sensitive and Confidential data are required to be stored using the Encrypt Saved Data option under Security.
  • Sensitive and Confidential data may be stored according to the Data Storage Guidelines.
  • The form creator and college/division are responsible for all data collected.
  • In the event of a security or data breach, the University Chief Information Security Officer must be notified immediately.
  • Users with access to Sensitive and Confidential data are required to attend FERPA and/or HIPAA training

Naming and storing conventions

New forms

Proper naming conventions and organization of forms allow for easy maintenance and support of forms. 

  • Left click on a folder on the left panel that corresponds the department you belong in. For example, if you were in Education, click on the EDU-Education folder. 
  • Create a form inside your department's folder. Left click the blue button on the top right of the page that says "Create New Form".
  • Under the form name field, give your form a three or four digit letter abbreviation belonging to that department. For example, if you were in Education, you want to prefix your forms as (EDU). If you were in Student Services, you'd want to prefix your forms as (STSV). For example: (EDU) College Adults Form is a valid name for a form. Note: a complete list of form names can be seen on the left side panel of folders on the Formstack website.
  • The Form URL field will fill automatically, but you can replace this with another name if you would like.

Existing forms

If you have an existing form and are unsure where to put it, please follow the following steps.

  • Left of the form you are working on is a box. Click on that box. This will give it a green check mark.
  • Click on the "move to" button.
  • Move that form, or list of forms, into the appropriate folder. If the appropriate folder does not exist, please let Marketing and Communications know and we will create one for you.

*NOTE: Marketing & Communications may periodically clean up all Formstack forms including organization into appropriate folders and renaming forms to the appropriate name.