Many of you reading this may already be aware of our native iPad app for in-clinic form filling and self check-in. Since early 2020, we've also had web forms that can be filled by your patients in the comfort of their own home, on their own device, well-before their appointment.

Here's what it looks like to your patients:

Differences with in-clinic filling

Form filling on the web is a little different to in-clinic form filling:

  • They're designed for patients to be sent a link to the form, not to be embedded in a website (but let us know if you want this).

  • When a form is being filled, it does not know the exact patient ID filling out the form. That means:

    • It cannot pre-populate the form with existing patient record information.

    • It has to "guess" at which patient has filled out the form. It does this by looking at the fields filled on the form, and trying to match them with a patient record.

    • If automatic processing is enabled, it will automatically try to automatically update (or create) the appropriate patient.

  • Forms update patient information (where changed), and attach a PDF to the patients' files, and create treatment notes, but do not automatically mark the patient as arrived.

  • All forms are processed and sent to Cliniko through our servers, not on your iPads. See our security section below for ensure security and privacy of patient data.

How do I get started?

Web form filling works with your existing forms, you just need to enable it on a per-form basis.

Once you've enabled web form filling and published the form, copy the public link and put it in your booking confirmation and/or appointment reminder templates as per Cliniko's helpful article on the subject.


With web form filling, patient information is now stored on our servers. It's stored until the form is deleted. All patient data is encrypted twice. Once at the disk level by our HIPAA-compliant host, and again at our application level with a key specific to the form.

Our database can only be accessed by us, all access to our server and DB is audited, our backups are regular and secure, and we have a team continuously monitoring the infrastructure for suspicious activity.

If you're interested, we've also written a longer, and more detailed article on what data we store.

Further reading

Did this answer your question?