Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

What to do about Third-Party Apps BAAs for HIPAA Compliance

JA November 14, 2023

Hello,

I work at a smaller healthcare organization. We're currently in the process of migrating from Data Center to Cloud and have already signed a BAA with Atlassian for HIPAA compliance. In the Atlassian HIPAA Implementation Guide, it states you must have a BAA with all relevant third-party apps also. 

Between our Jira and Confluence applications, we have around 20 add-ons. I started reaching out to each of them yesterday asking for a BAA, but most have responded saying they don't offer that or this is the first time hearing about it and they'll look into it. I'm not feeling very confident that we will be able to get this with any, let alone all of our app (add-on) vendors. 

Has anyone else dealt with this issue? Or, is there a workaround in order to maintain HIPAA compliance? We need this because we are a healthcare organization and there is a chance that PHI could be accidentally input into tickets at some point. 

Thank you in advance for any insight,

Justine

0 answers

Suggest an answer

Log in or Sign up to answer
DEPLOYMENT TYPE
CLOUD
PRODUCT PLAN
STANDARD
TAGS
AUG Leaders

Atlassian Community Events