Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Expand what’s possible with HIPAA

January 27, 2023

Hi everyone! It’s a new year and we’re thrilled to announce the progress we’ve made across three key HIPAA initiatives:

  • HIPAA for Jira Service Management on Enterprise Plan has launched and is ready for customers today

  • Notifications for HIPAA are also right around the corner and should be available to customers in Feb

  • HIPAA expansion details are ready to share

Introducing HIPAA to Jira Service Management

HIPAA compliance is now available to all customers on the Enterprise Plan of Jira Software Cloud, Confluence Cloud, and Jira Service Management (JSM) Cloud. Customers using any of our Enterprise Cloud products can rest assured that their personal health information (PHI) is safe, secure, and abides by the latest regulations set by the U.S. Department of Health and Human Services.

With the introduction of JSM to your suite of HIPAA-compliant products, you can bring together all service teams on the same platform, accelerating the flow of work between Development and IT Operations while empowering teams across the enterprise to adopt a service-oriented mindset and deliver exceptional experiences for employees and customers.

To get started, contact us and review our implementation guide!

You get notifications, you get notifications, all supported products get notifications

In February, we’ll be rolling out HIPAA-compliant notifications for Jira Software and Jira Service Management. All instances with PHI will automatically have notifications shortened to ensure that users can continue to receive the notifications they need while ensuring that all PHI remains secure and compliant. As we get closer to the release of HIPAA-compliant notifications, we’ll share an update to this post as well as detailed documentation on what to expect.

*November 2023 Update*

All three supported products; Jira Software, Jira Service Management, and Confluence now offer redacted notifications. Visit our documentation to learn more!

HIPAA for all teams

Starting in Q3 2023 (CY), HIPAA will be available on Standard, Premium, AND Enterprise plans! We’ve heard your feedback and have been diligently working on improving our processes to ensure that teams of every size can have access to HIPAA-compliant instances. Once we roll out our expanded program, all eligible customers will be able to sign our updated Business Associate Agreements (BAAs). Follow along here or via our cloud roadmap to get the latest!

In the meantime, if you have any questions, comments, or other thoughts related to HIPAA leave them down below!

Cheers,

 

*September 2023 Update*

We are delighted to announce HIPAA availability for Standard and Premium versions of all HIPAA Eligible products! :celebrate:

We began rolling out this new capability on September 19 2023 and are targeting to make this available to all Standard and Premium customers by the end of the month. This new self-serve experience allows org admins to sign their BAA and tag the appropriate products from within their admin experience (admin.atlassian.com). For more information on how to get started, please visit Understand HIPAA compliance for Atlassian products.

We're also working on the final touches for HIPAA notifications and expect those to  be available for Jira Software and Jira Service Management by the end of the month.  Confluence is still on target to deliver by the end of the year. If you have any questions about any of these new releases, feel free to comment below.

*September 27 2023 Update*

We have rolled out to all customers!   Please keep in mind only Org Admin users have access to the capabilities. If you don't see it please verify first if you are signied in with Org Admin rights. For more information on how to get started, please visit Understand HIPAA compliance for Atlassian products.

Comment
Watch
Like # people like this
7932 views

41 comments

Comment

Log in or Sign up to comment
Jordan Fuller
Jordan Fuller
Contributor
January 27, 2023

is it Q3 2024 or 2023?

Like # people like this
Filiberto Selvas
Filiberto Selvas
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
January 27, 2023

@Jordan Fuller  calendar year 2023, thank you for the catch! 

Like Alex Koxaras _Relational_ likes this
Phil Cooper
Phil Cooper
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
January 27, 2023

Thank you!!! I know many will be very relieved to get this information today.

Will there be any additional cost, or will it be included as a standard feature of these lower level plans?

Thanks,

Phil

Like
Filiberto Selvas
Filiberto Selvas
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
January 27, 2023

Hi @Phil Cooper , I am glad that this comes as good news.  There will be no additional cost for HIPAA. 

Like # people like this
Andy Levesque
Andy Levesque
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
January 27, 2023

@Filiberto Selvas Can you verify that HIPAA compliance will also apply to those approved for the community license? 

Like Alex Koxaras _Relational_ likes this
Filiberto Selvas
Filiberto Selvas
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
January 27, 2023

Hi @Andy Levesque ,  Yes - HIPAA will also apply to community licenses for the eligible products (currently JSM, JSW & Confluence)

Like Alex Koxaras _Relational_ likes this
Angela Stephens
Angela Stephens
Contributor
February 6, 2023

@Filiberto SelvasWe have a client who will be adopting Atlassian products and live in Q1 2023. With the announcement of future HIPAA compliance within Standard Cloud offering, at what point might we be able to have a BAA signed for this client?

Like
Filiberto Selvas
Filiberto Selvas
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
February 6, 2023

Hello @Angela Stephens , 

Customer can sign a BAA for eligible products - Cloud Enterprise today.  For Standard and Premium we are aiming to make the BAA signing available by calendar year 2023 Q2-Q3 per: https://www.atlassian.com/wac/roadmap/cloud/hipaa-eligibility-expansion?p=349697da-b8 

Please make sure your customer does NOT capture any PHI in Atlassian Cloud products without the protections of a BAA and the assurances of HIPAA compliance. 

Like # people like this
Angela Stephens
Angela Stephens
Contributor
February 16, 2023

@Filiberto Selvas thank you so much for the reply.  Is there anyone we can work with more closely on the rollout of HIPAA to cloud?  I have a client who is interested/willing to be an early adopter, give feedback, etc.?

Like
Filiberto Selvas
Filiberto Selvas
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
February 16, 2023

Hi @Angela Stephens , 

We are not planning an EAP, feedback is always sought.  Will circle back when we open for that. 

Like
Angela Stephens
Angela Stephens
Contributor
February 16, 2023

@Filiberto Selvas  Sorry, one last question.  Our Atlassian Associate Partner Manager quoted us Q4 2023 for HIPAA in Cloud and BAA availability.  Is that accurate?

Like
Filiberto Selvas
Filiberto Selvas
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
February 16, 2023

Hi @Angela Stephens 

We aim to expand eligibility for HIPAA in this timeframe: https://www.atlassian.com/wac/roadmap/cloud/hipaa-eligibility-expansion?p=349697da-b8 

Like
Jake Sullivan
Jake Sullivan February 27, 2023

Are there different considerations for customers that full under one of the following scenarios?

  1. Only use Jira Work Management
  2. License Jira Work Management in addition to Jira Software (or Confluence or JSM)
  3. Use "Work Management" projects with their JSW licenses (but have not licensed JWM separately)
Like Lindsay Pratt likes this
Filiberto Selvas
Filiberto Selvas
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
February 27, 2023

Hi @Jake Sullivan , 

Our yearly HIPAA audit process targets specific products, so even when JWM leverages a lot of the same platform as JSW does, we would still have to go through a product focused audit for it.  We currently don't have timeline to include JWM in the yearly audit process, but I will raise this with the product manager in the team for discussion.   

Filiberto Selvas 

Like Lindsay Pratt likes this
Yoni Revah
Yoni Revah
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
February 28, 2023

If we wanted to signup for updates, do we just do that on the roadmap page?

Would love to be notified in case there are any delays. I have a few projects ready to be deployed as soon as we sign that BAA.

Like Angela Stephens likes this
Chris Adams
Chris Adams
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
April 5, 2023

There are laws on the books in California and other states are starting to adopt them that prohibit access to any PII/PHI from non US based entities including offshore who remote into US systems then access data.  Are there any safeguards being explored to ensure we can remain in compliance when it comes to Atlassian support services being strictly US based for sites/projects containing that information?

Like Venkatakrishna Vemala likes this
Shari Barchus
Shari Barchus
Contributor
April 6, 2023

Hi Team, Will there be a minimum user tier in order to quality for HIPAA Compliance?

Like
Filiberto Selvas
Filiberto Selvas
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
April 6, 2023

Hi @Shari Barchus , 

Any customer licensing a paid plan will be eligible for HIPAA compliance.  There will be no specific minimum number of users required for HIPAA itself. 

Like
Angela Stephens
Angela Stephens
Contributor
May 24, 2023

Will the move to Cloud HIPAA Compliance, will Atlassian be updating the Terms of Service once they start signing BAAs?  Will customers be able to submit their Subcontractor BAA agreements to Atlassian in advance of HIPAA compliance roll out?

Like
Filiberto Selvas
Filiberto Selvas
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
May 25, 2023

Hi @Angela Stephens , 

For Standard and Premium we will offer a non negotiable BAA to be signed, which supersedes the terms of service in regards to the ability to capture PHI data in our products. Always in accordance to the implementation guide: https://support.atlassian.com/security-and-access-policies/docs/the-hipaa-implementation-guide/  

Like Angela Stephens likes this
Rob Horan
Rob Horan
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
August 9, 2023

Are there any updates on the ETA for HIPAA compliance in Premium?  The roadmap shows Q3 2023, and since we're in Q3 now, wondering if that's still the expected rollout time.  Thanks!

Like Filiberto Selvas likes this
Filiberto Selvas
Filiberto Selvas
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
August 9, 2023

@Rob Horan , 

We are still on track to begin releasing HIPAA for Standard and Premium by the end of Q3, meaning end of September.  We will have a "throttled" release, not all customers will see the capability at the same time. We do this to allow to detect any issues that we may have failed to identify through our testing period. 

If you have not checked it yet please review the Implementation Guide, though there will be an update when we release the expansion of eligibility: https://support.atlassian.com/security-and-access-policies/docs/the-hipaa-implementation-guide/ 

Like # people like this
Rob Horan
Rob Horan
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
August 11, 2023

Thank you @Filiberto Selvas , this is fantastic news!  HIPAA in Premium will remove a major cloud adoption blocker for many teams!

Like Filiberto Selvas likes this
Slavisha Karach
Slavisha Karach
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
September 22, 2023

Hi @Filiberto Selvas , is this getting any closer to completion? Could you please email me with contacts from your side that would kick off the sales process for this?

Like # people like this
Rebecca Dean
Rebecca Dean September 22, 2023

@Filiberto SelvasWill this new feature be self service or do we need to engage our Account Manager? IF so can you please connect me with the appropriate person. 

 

Thanks!

Like Filiberto Selvas likes this
Filiberto Selvas

Filiberto Selvas

Atlassian Team
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.

About this author

Product Manager

3 accepted answers

115 total posts

View profile
groups-icon
Trust & Security
TAGS
AUG Leaders

Atlassian Community Events

    See all events