You're on your way to the next level! Join the Kudos program to earn points and save your progress.
Level 1: Seed
25 / 150 points
1 badge earned
Challenges come and go, but your rewards stay with you. Do more to earn more!
What goes around comes around! Share the love by gifting kudos to your peers.
Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!
Join now to unlock these features and more
I work at a smaller healthcare organization. We're currently in the process of migrating from Data Center to Cloud and have already signed a BAA with Atlassian for HIPAA compliance. In the Atlassian HIPAA Implementation Guide, it states you must have a BAA with all relevant third-party apps also.
Between our Jira and Confluence applications, we have around 20 add-ons. I started reaching out to each of them yesterday asking for a BAA, but most have responded saying they don't offer that or this is the first time hearing about it and they'll look into it. I'm not feeling very confident that we will be able to get this with any, let alone all of our app (add-on) vendors.
Has anyone else dealt with this issue? Or, is there a workaround in order to maintain HIPAA compliance? We need this because we are a healthcare organization and there is a chance that PHI could be accidentally input into tickets at some point.
Thank you in advance for any insight,