Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

PHI data helpdesk

Jeff Thorne
Jeff Thorne February 13, 2024

We utilize the helpdesk of JIRA. Where some emails we get into the email address we have setup, that opens the JIRA ticket. Some contain PHI inside the email and is transmitted over to the JIRA ticket. We do have the helpdesk users go through the ticket and remove the PHI but is the data that first came in with the PHI is that stored on JIRA systems anywhere. Or could it be once it is updated in the ticket it is taking out of the system?

Answer
Watch
Like Be the first to like this
226 views

1 answer

0 votes
Mikael Sandberg
Mikael Sandberg
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
February 13, 2024

Hi @Jeff Thorne,

Welcome to Atlassian Community! 

If the request contains PHI and the agent removes it, it is still stored in the backend database and can be viewed as part of the history of the request. If you are on the standard plan or higher you can use the HIPAA Compliance option and you can then tag products that contain PHI so they can be identified and treated in accordance to HIPAA regulations.

View More Comments
Jeff Thorne
Jeff Thorne February 13, 2024

We are currently using the free version of JIRA, since we only have 2 users that are using it. Is there any other advantages to migrate off the free version to the standard or higher plan?

Like
Mikael Sandberg
Mikael Sandberg
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
February 13, 2024

The biggest advantage, at least for me, would be that you get access to permissions if you upgrade, you can then control who have access to specific request, another one would be data residency. You can see the difference if features between the different plans here.

Like
Jeff Thorne
Jeff Thorne February 15, 2024

Is there way to delete the data from the system that we indicate is PHI? Would deleting the ticket remove any trace of the PHI inside the ticket or would there still be traces of it in the system.

Like
Mikael Sandberg
Mikael Sandberg
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
February 15, 2024

Yes, deleting the ticket would remove all data of it from the system, unless you are either using the built-in backup option or using an app for it. Also worth noting, as stated in the link provided above, is that if you are using apps then you need to have a BAA signed with the vendor of that app in order to be HIPAA compliant, the one for Atlassian only covers eligible Atlassian products

Like
Jeff Thorne
Jeff Thorne February 15, 2024

Not too familiar with JIRA, where we we check for the built-in backup option if it is turned on?

Like
Mikael Sandberg
Mikael Sandberg
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
February 15, 2024

Currently you have to download Admin Kit for Jira, and you can access it from Apps > Manage apps. There is a new backup and restore experience that is scheduled to be released in Q4 2024 according to Atlassian's public roadmap.

Like
Jeff Thorne
Jeff Thorne February 28, 2024

Once the ticket is deleted from the JIRA system or is there still remanence of the information inside the JIRA dashboard or the backend servers of the JIRA system? With the free version there is no telling where the JIRA databases we are utilizing of the location?

Like
Mikael Sandberg
Mikael Sandberg
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
February 28, 2024

No, delete is permanent and the only way to restore it would be from backup. This why it is important to not give the delete issue permission to a lot of users, since they could accidentally cause a lot of issues.

Like
Jeff Thorne
Jeff Thorne February 28, 2024

Thank you, is there a way to tell where the server is located that our JIRA data is stored on?

Like
Mikael Sandberg
Mikael Sandberg
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
February 28, 2024

Yes, if you go to admin.atlassian.com and click on Security > Data residency it will show you the location. By default you are added to the Global location, but you can select to pin it to a specific location. You can read more about data residency here.

Like
Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira
TAGS
AUG Leaders

Atlassian Community Events

    See all events