Jira and Confluence Cloud are popular platforms among healthcare organizations and hospitals for managing daily tasks, projects, and data, including Protected Health Information (PHI). While these platforms enable quick and easy access to patient data, organizations must be cautious to avoid violating HIPAA regulations due to the sensitive nature of the information they collect. Jira Service Management Cloud Enterprise is now HIPAA compliant.
HIPAA is a regulation that aims to protect the privacy and security of an individual's Protected Health Information (PHI). HIPAA compliance is required for companies that store or process data of U.S. citizens, regardless of where the company is located. It applies to healthcare providers, health plans, and healthcare clearinghouses that handle Protected Health Information (PHI) under HIPAA regulations. These requirements apply globally, and companies must comply with HIPAA if they process health data from the United States.
Atlassian's Jira Service Management Cloud Enterprise is now HIPAA compliant, joining the ranks of Jira Software and Confluence Cloud Enterprise (Certified in Q1 of 2022). It meets HIPAA requirements through comprehensive privacy and security protections, including assessments for remediation, gap analysis, and security risk analysis.
However, organizations using Atlassian's products to create, send, receive, or maintain PHI must purchase an Enterprise-level plan and enter into a Business Associate Agreement with Atlassian. Atlassian takes security seriously and provides a HIPAA Implementation Guide to help organizations use its tools in a HIPAA-compliant way.
To learn more about this topic, read this post by Isos Technology: Jira Service Management is Now HIPAA Compliant—What to Know!