Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

HIPAA / Contract Compliance with Service Management Cloud

Jesse Webb April 6, 2022

We use Service Management Datacenter for HIPAA compliant Ticketing.  Atlassian documentation is silent on HIPAA, and with the EOL announcement, we need to address the following or find a new solution.  Hopefully, the Trust Team can help us out.

1. Lock in US only data centers.

2. Bring our own key for data encryption for all products.

3. HIPAA compliance certification for Service Management by HITRUST Alliance Certification.  (See AWS and Microsoft HIPAA compliant solutions.)

If I cannot resolve this in FY22 we will need to leave the Atlassian family as our requirements and customer contracts lock us into these requirements.  

2 comments

Comment

Log in or Sign up to comment
Phoebe Nerdahl
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
April 6, 2022

Hi @Jesse Webb have you considered a migration to cloud?  Atlassian’s Enterprise cloud is HIPAA compliant. 

Like Stephen Sifers likes this
Jesse Webb April 6, 2022

Hi yes, with EOL of Service management Datacenter that is the only option.  Where do I find evidence of the HIPAA compliance and what that means in reality?  Thanks.

Jesse Webb April 6, 2022

Found the HIPAA page: HIPAA | Atlassian

But Service Management is not included.

JA April 6, 2022

My organization is needing this as well as we are currently on Server and would like to move to Cloud. I reached out to Atlassian back in January of this year and below is what they had to say.

Please be advised that as per our Cloud Roadmap, in the beginning it will only cover our Jira Software & Confluence products. Therefore, if you are seeking compliance for your products, Data Center (self-hosted) subscription of Jira Service Management should be opted instead. i.e if your agent count is min 50 agents.


We do have plans for making JSM compliant as well; however, details are not yet available. you can keep an eye on our Cloud roadmap for more details to come.

Not helpful that they don't have any sort of estimated timeline for JSM to become HIPAA compliant :(

Like Jesse Webb likes this
Michelle Tan
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
May 18, 2022

Hey @JA and everyone,

I'm Michelle, the Product Manager who’s been looking after Jira Service Management’s Customer Notifications and Compliance/Regulation features. We're currently working towards HIPAA compliance for Jira Service Management and have rolled out a feature this week that will help you meet your organization’s compliance needs and protect your and your customers' data!

Announcing safe customer notifications in Jira Service Management as a building block for compliance and privacy needs 

I'd love for you to try out our feature and give us early feedback on the user experience as we work towards HIPAA compliance in the coming months. 😊

Like Ajay _view26_ likes this
TAGS
AUG Leaders

Atlassian Community Events