Forums

Articles
Create
cancel
Showing results for 
Search instead for 
Did you mean: 

Rovo is now available for Atlassian HIPAA organizations

Hi Rovo community,

I'm Ashwini, a Product Manager on the AI Trust team at Atlassian. I've been working on bringing Rovo to our HIPAA customers, and I'm excited to share that Rovo is now available for Atlassian organizations with HIPAA compliance requirements. Healthcare organizations and other HIPAA-covered entities can now use Rovo's AI-powered capabilities in a compliant way, in alignment with their regulatory obligations.

We're excited to announce this latest compliance achievement as we continue to deliver on the compliance needs of our customers. We've delivered ISO 27001 and SOC 2 compliance, now HIPAA, and in the future we'll continue expanding our AI trust features and capabilities..

Rovo is now covered under Atlassian's existing Business Associate Agreement (BAA) for eligible customers. You can see a full list of HIPAA-eligible apps by visiting our Compliance Resource Center.

What's available

Atlassian HIPAA customers can now access the following Rovo capabilities on their HIPAA-compliant sites:

  • Rovo Chat - AI-powered conversational assistant across your Atlassian apps

  • Rovo Agents - automated AI agents that take action across your work

  • Rovo Search - AI-powered enterprise search

  • In-app AI experiences - AI features embedded directly in Jira, Confluence, Jira Service Management and Jira Product Discovery

Some Rovo capabilities are not included in this HIPAA scope yet. These include, but are not limited to:

  • Rovo MCP server

  • Rovo CLI

  • Rovo Browser extension

  • Rovo Mobile and Desktop apps

Rovo for HIPAA use applies only to sites running HIPAA-eligible Atlassian cloud apps: Jira, Confluence, Jira Service Management and Jira Product Discovery.

How to get started

To get started today, simply contact Atlassian Support. We’ll start by setting up Rovo for your sites and confirm once Rovo is provisioned. Once provisioned, you can:

  1. Go to Atlassian Administration and select your organization

  2. Select Rovo, then Rovo access

  3. Enable Rovo on the apps you want: Jira, Confluence, Jira Service Management, and/or Jira Product Discovery

Before enabling, review and follow the steps outlined in the HIPAA Implementation Guide to understand the shared-responsibility model and the specific boundaries that apply.

How we keep your data within the HIPAA boundary

We’ve designed Rovo’s HIPAA support with strong data boundaries from the start. To help keep PHI protected within your HIPAA environment, we enforce a few restrictions automatically — no admin action needed:

  • Write actions to non-HIPAA-enabled Atlassian apps are blocked. Rovo cannot write data to any Atlassian app that is not HIPAA-enabled on your site.

  • Write actions to all third-party apps are blocked. Rovo cannot write to any external system via third-party connectors, ensuring PHI does not leave the HIPAA boundary.

Questions?

We hope your organization gives Rovo a try today! If you have questions or comments, we’d love to hear from you below. You can also visit our Trust Center for the latest on Atlassian’s AI trust and compliance details.

Comment

Log in or Sign up to comment
TAGS
AUG Leaders

Atlassian Community Events