Web Form Platforms

Last Updated: August 29, 2025 9:42:30 AM PDT

Give feedback

Learn about the form platforms available through UC San Diego campus and their unique requirements.

Important first considerations and best practices

Before requesting an eform, review the topics below, as well as the information in the drawers.

Purpose & Audience

Define the form’s purpose and target audience (internal/external).
Clarify how collected data will be used and managed.

Data Security

Use secure (HTTPS) platforms.
Only collect necessary, non-sensitive data.
Follow legal/institutional data policies.
Choose platforms suitable for data sensitivity.

Design & Usability

Owner/builder of the form should put their contact info at the top of their form; in case a submitter has questions about completing the form
Ask only essential questions; group related items.
Use short, clear field labels without jargon.
Indicate required fields with a consistent marker.
Make fields required only when necessary.

Recurring Forms

Use evergreen titles (avoid years/dates).
- ✅ “Scholarship Application Form”
- ❌ “2025 Scholarship Application Form”
State deadlines in form description/confirmation.

Field Types & Logic

Prefer dropdowns, checkboxes, radio buttons.
Include “Other” options for flexibility.
Use conditional logic where appropriate; test for clarity.

Choose the Best Platform for Your Use Case

Different form requirements and uses
Product	Good for	Acceptable use guidelines
DocuSign	Self service Turning paper process into electronc process Capturing signatures Workflow notifications	Legally binding signature
Kuali Build	Self service Forms API data pull from other campus systems Smart with dynamic fields Workflows: Automated approval and notification	Security reviews in progress Legally binding signature
MachForm (eForms)	Self service Open forms (no SSO) Quick deployment Website embed Simple Workflows	No Personally Identifiable Information (PII) allowed.
OnBase	Forms API data push/pull from other campus systems Workflows: Automated approval and notification Website embed	Secure Document Retention Policy Compliance
Qualtrics	Self service Complex surveys Data collection and management Data analysis Website embed Workflows SSO capable	Check guidelines
Service Now	Forms API data push/pull from other campus systems Workflows: Automated approval and notification, ase management Website embed

What Is Permitted and Contact Information

Office of Information Assurance
Health Sciences Security Office
Research Integrity Office (within the Office of the Vice Chancellor for Research)

Permissions and contacts
Data Type	Data Use Guidance	Additional Information	Supported By
Credit card (PCI-DSS)	Not permitted	Credit card data may not be collected or stored at UCSD. See: Payment Card Industry Data Security Standards (PCI DSS)	Merchant Services
Export control	Not permitted		Export Control Office
Electronic Protected Health Information (ePHI) subject to HIPAA	Not permitted	HIPAA requirements are quite complex. Please consult with the Health Sciences Security Office or the campus Office of Information Assurance	Office of Information Assurance, Health Sciences Security Office
Human subject research	Consult	Consult with the Human Research Protections Program. Additional consulting is available from the campus and Health Sciences security office	Human Research Protections Program; Office of Information Assurance, Health Sciences Security Office
Intellectual property	Consult	Consult with appropriate UC location authority (e.g., Office of Innovation and Commercialization, Office of Research Affairs, campus counsel)	Office of Innovation and Commercialization
IT security information (e.g., administrative passwords, network diagrams)	Permitted	Note that passwords may never be stored. If you need to share a credential, use the free campus LastPass service	Office of Information Assurance
Other sensitive institutional info (e.g., fundraising, attorney/ client privileges)	Permitted	Certain types of information may not be appropriate for storage in a form database. Consult with data proprietor and appropriate UC location authority (e.g., privacy official, development office, campus counsel, information security officer) if you are unsure	Office of Information Assurance
Personally Identifiable Information (PII)	Permitted	If you are unfamiliar with securing data, consult with the Office of Information Assurance.	Office of Information Assurance
Research data	Permitted	Certain classes of data require additional protections in order to meet Federal security requirements. Consult with the Office of Information Assurance or the Health Sciences Security Office &/or the Research Integrity Office if you believe your data may fall into this category	Office of Information Assurance, Health Sciences Security Office.
Animal general (non-humanoid subject research)	Not permitted	Consult with data proprietor and UC location office of research	IACUC
Student education records (FERPA)	Permitted	Excluding student health records. Consult with data proprietor and UC location authority	Registrar's Office