Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

Cloud Compliance AMA

G’day everyone and happy 2022! 

My name is Filiberto Selvas and I’m a Principal Product Manager focused on data management and compliance in highly regulated industries ! At Atlassian, we understand that you face a complex and dynamic regulatory environment, which is why we’re focused on providing the tools and resources customers need to navigate this ever-changing landscape.

In the last year, our team has worked on several improvements to our compliance program, from adding new features like data residency to enabling stronger operational practices that include audit and oversight rights to allow customers to abide by stricter regulatory standards. These improvements help assure that customers can abide by financial services regulatory standards in Europe, and have paved the way for future capabilities, like HIPAA (launching this quarter) and FedRamp (2023). We want to continue to build on that momentum by creating a forum for you, our customers, to ask questions about how we’re meeting these requirements and/or future investments.

Here's how it works:

Add your questions below any time during the month of January. Be sure to take a look at other community members’ questions and up-vote those that you find interesting.

You can expect to see answers from me and my team rolling in on a weekly basis. Watch the page and be ready to add follow-up questions and discuss further with other Community members. 

Note: The information provided by Atlassian here is not legal advice. Customers are responsible for making their own independent risk and compliance assessments.




We are a military supplier and have been waiting for data residency. Currently we have an on premise Confluence system that we are waiting for data residency to be available so we can move to cloud. In addition we have a cloud Jira implementation which currently is also waiting on data residency so we can gain full utilization of it. I am interested in the time lines of the implementation for data residency on both platforms so that we can move our systems forward.

Like Brian Hill likes this

We are a financial cie and we are also waiting for data residency. The timeline for Canada has been pushed back several times and has caused problems with our roadmaps. Here's hoping that it won't happen again.

Hosana Atlassian Team Jan 05, 2022

Hi @David Rodman, we currently offer data residency for all paid plans (Standard, Premium, and Enterprise) in 3 regions - the US, Europe, and AU. To learn more about these capabilities, please visit our documentation page.

Hi Hosana,

Would this include a migration from on prem to cloud? From what I was reading, it was only available for "no data" implementations. Our on prem has data that would need to be moved up.

Hi Filberto, 

Do we have an implementation timeline yet on Service Desk HIPAA compliance? 



Hello @David Rodman , 

The process of migration is independent from the capability of keeping data resident in a specific region.  You can definitely create a Cloud instance, set it up for data residency in a specific region, and then migrate your on premise data to it... or the other way around (the former is more advisable though). 

Please do review the document Hosana offered above, you mention you are a military supplier and I want to make sure you know the data residency capability we have mentioned does not offer ITAR level guarantees. 


I hope this helps 

Like David Rodman likes this

Hello @Brooklyn Trumpy , not yet, it should be a couple more weeks.  Meeting Monday and Tuesday to discuss this, will define that timeline for JSM as soon as possible! 

Like Brooklyn Trumpy likes this

Thank you for the input @Carmen Nadeau , we will do all in our power to keep the timeline as it stands today 

Thank you for the additional information Filiberto. Is there additional information or someone I can discuss ITAR related information with. Since many of the ITAR controls have been changed and data residency is the primary one, this may still work for us. If not, the landscape will be pretty grim when on premise solutions are no longer supported.

happy to schedule a call @David Rodman , send me an email to fselvas at Atlassian dot com and we can find a time 

We're a nonprofit government law enforcement agency and we have onprem Jira, Confluence, Bitbucket, and Bamboo and with the new change, Data Center is not possible with our limited budget and small team (< 50). Do you have a timeline on CJIS compliance for Jira, Confluence, and Bitbucket?

Hello @DRFavreau , 

We currently don't have CJIS in our roadmap, I am not an expert in CJIS but my understanding is that there is no standardized assessment approach to determining whether a Cloud solution is considered CJIS compliant, we will be happy to provide you all information available to help make the determination if that is feasible.  A couple initial pointers: 

I hope this is helpful 


Log in or Sign up to comment

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you