Hello,
We have a use case where our customers need to send PHI data via email and have it create an issue in JSM. We also have correspondence back and forth that will also contain PHI data. Is the "out of the box" JSM secure enough for PHI data or is there an addon that can fulfill this request?
Thank you,
Disclaimer: I belong to the company that offers the below mentioned app.
You did not say which country you are referring to, but as you speak of PHI, I suppose your customer is in the USA where companies handling PHI must comply to HIPAA, the Health Insurance Portability and Accountability Act.
Encryption is an important element of HIPAA compliance for email. Either S/MIME or PGP can be used to encrypt emails that contain or may contain PHI.
For further details, you may want to read Email Encryption for HIPAA compliance
The app S/Notify Email Encryption for Jira supports email encryption for both, outgoing and incoming emails in Jira as well as Jira Service Management. It can automatically extract S/MIME certificates or PGP keys from incoming emails to establish encrypted mail traffic.
However, due to limitations in Atlassian's Cloud API, the app is currently only available for self-hosted Jira instances. You may want to vote for JSDCLOUD-8850 which may help to make Atlassian aware of this important requirement.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.