Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Atlassian Community about banner
4,298,026
Community Members
 
Community Events
165
Community Groups

Safe customer notifications in Jira Service Management for compliance and privacy needs

Announcing safe customer notifications in Jira Service Management as a building block for compliance and privacy needs

At Atlassian, we understand the increasing need to be assured that your data is not only secure but that it’s also being used in a manner that's compliant with laws and regulations. We are constantly working to expand coverage to help organizations meet compliance needs and move to the cloud in a safe and secure manner. Learn more about Atlassian’s compliance program

Today we are happy to announce ‘Safe customer notifications’ in Jira Service Management to help you meet your organization’s compliance needs and protect your and your customers' data managed in your service projects. When you enable or disable a setting, it will impact all your Jira Service Management projects on the site. Please note that ‘Safe customer notifications’ is specific to Jira Service Management generated notifications and not including Automation for Jira notifications.

You must be a site admin to manage the compliance settings. To access the compliance settings:

  1. Go to Settings ⚙️ > Products.

  2. From the sidebar under Jira Service Management, select Compliance settings.

Learn about how to use compliance settings in Jira Service Management to meet your company’s compliance needs

You’ll also need to disable any automation rules that trigger an email notification. Learn how to configure your Atlassian account to meet HIPAA requirements

Protect sensitive data in customer notifications

Enabling safe notifications will hide potentially sensitive information from email notifications. Once enabled, the data including ‘Issue summary’, ‘Issue description’, ‘Comment’, and ‘Attachment’ will be hidden from the corresponding notification emails that your customers will receive. This also means safe notifications will not have attachments in them and your customers will need to log in to the portal to view the entire information available on the request. Learn more about customer notifications

We are currently working on meeting HIPAA compliance for Jira Service Management Cloud and would love your feedback if this feature is relevant to your organisation. We recommend enabling this setting if your organization needs to be HIPAA compliant but please ensure you carefully read the implementation guide to learn how to set up your project correctly. Learn more with the HIPAA Implementation guide

Also feel free to reach out to me, I’d love to talk to you more about how you use Jira Service Management and how we can improve customer notifications for your organisation and meet your compliance needs!

10 comments

This "Answer" was cross-posted in the thread about notifications for Confluence and Jira Software/Core. Is the intent to roll this out to those cloud platforms as well?

Michelle Tan Atlassian Team May 24, 2022

Hi @Jamie Hess

We're still figuring out what notifications will look like in Jira Software/Confluence - stay tuned! 😊

For Server / Data Center, our app S/Notify Email Encryption for Jira can provide HIPAA conformity through end-to-end encrypted notification emails in Jira including customer emails from and to Jira Service Management. We have customers from the health industry that use our app for exactly that purpose.

I was wondering if Atlassian isn't considering email encryption as a solution to compliance and privacy needs? We would love to provide a Cloud solution once Atlassian provides an API to apps to allow processing the emails.

See also JSDCLOUD-8850 where a customer has created a feature request for this.

This solution does not require to reduce the contents of the email, and also works well for Confluence.

Like Troy Anderson likes this

Hi @Michelle Tan

This is a great feature. 
For now, it is possible to enable/disable it at the instance level.
Is there any chance that at some point in the future it will be configurable at the project/service desk level?
I mean, in the same instance, allowing some projects to use Safe Notifications, while others would use the Standard Notifications.

Kind Regards,
Mihai Nitu

Like Kalin U likes this

@Mihai Nitu , great suggestion indeed!

Sorry, I don't really understand the results of activating this feature. What exactly is hidden? How is data marked confidential? Is it all the field data? The description? The summary?

Hello, has this been fully rolled out yet? Our last bundled release was 6/14-6/16, but I still don't see the Compliance Settings under JSM menu in Settings --> Products. I'm site & org admin. 

Michelle Tan Atlassian Team Jun 27, 2022

Hi all,

Apologies I haven't been able to reply sooner - I've been away sick so I appreciate your patience 🙂

@Metin Savignano We haven't considered this yet as there's quite a lot on our backlog at the moment for improving how we meet compliance and regulatory standards. We'll update you if anything changes for the upcoming year. 🙂

@Mihai Nitu @Kalin U Have your organisations begun using safe notifications? If so, could we please get in contact - I'd love to hear your thoughts on this feature!

@Christof Hurst By turning on safe notifications, this will hide data including ‘Issue summary’, ‘Issue description’, ‘Comment’, and 'Attachment” from the corresponding notification emails that your customers will receive.

@Jamie A_ Carpenter Yes this feature has been fully rolled out, are you using Release tracks? Because the feature will available depending on your track options. 🙂

If anyone else has tried out safe notifications and would like to provide feedback on this feature, please let me know - we'd love to hear your thoughts!

Cheers,

Michelle

Thank you Michelle, that's my misunderstanding then - I thought since the feature was announced in May it'd be released in my June bundled track, but I see it's slated for our next July bundled release :-) Thanks for the reply!

Like Michelle Tan likes this

Hi Michelle,

 

I tried this feature in a test instance and it looks promising. 

We cannot use it organization-wide, because not all our customers would prefer this approach.

That's why I asked about the possibility to have finer granularity in the future (i.e. enabling/disabling this feature at the Project/ServiceDesk level).

We have a similar setup in a server version of Jira, but there we had the possibility to modify the email templates (directly on the server) and we were "enabling" it only for specific projects or specific Security Levels.

But as you already know very well, the server versions are "fading out", since their support and development will be stopped by February 2024...

Kind Regards,
Mihai

Comment

Log in or Sign up to comment
TAGS
Community showcase
Published in Jira Service Management

Coming Soon: Insight Changing to Assets

The 2020 acquisition of Mindville added powerful asset and configuration management capabilities to Jira Service Management in the form of Insight. Following the completion of that integration, custo...

228 views 1 9
Read article

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you