Community
Products
Jira
Questions
HIPAA Compliance of Atlassian Application Add-ons

HIPAA Compliance of Atlassian Application Add-ons

We have a Jira Cloud instance that could, at times, contain PHI. We waited for the HIPAA compliant Standard version of Jira Cloud and have a signed BAA with Atlassian. I understand that the applications from the Marketplace do not fall under that agreement with Atlassian and need to be reviewed individually.

But, there are some apps that are developed by Atlassian. For instance the Jira Cloud for Outlook (Official) app. In this case, since it's an official Atlassian application, would it be covered by BAA we have with Atlassian? Would it be HIPAA compliant?

1 answer

1 vote

@Darren Zuiderweg,

With something like HIPPA, I would always err on the side of caution. If you review the implementation guide for HIPPA it states the BAA only covers eligible products which include Jira Service Management, Jira, and Confluence. Based on my reading, it would appear that they do not include Atlassian developed apps in the BA. I would reach out directly to Atlassian to confirm and have your legal team also perform a review before implementing any apps.

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

Suggest an answer

Was this helpful?

Thanks!

Jira

DEPLOYMENT TYPE

CLOUD

PRODUCT PLAN

STANDARD

PERMISSIONS LEVEL

Product Admin

Forums

Product Q&A

Community resources

Support

Top groups

Community resources

Support

Learn

Community resources

Support

Events

Community resources

Support

HIPAA Compliance of Atlassian Application Add-ons

1 answer

Suggest an answer

Was this helpful?

Thanks!

DEPLOYMENT TYPE

PRODUCT PLAN

PERMISSIONS LEVEL

TAGS

Community showcase

Atlassian Community Events