Learn about Atlassian organizations
New to administering Atlassian cloud products? Learn about Atlassian organizations and what it means to be an organization admin.
A Business Associate Agreement (BAA) is a written contract between a business associate and a covered entity or another business associate. The BAA outlines the terms and conditions to ensure Protected Health Information (PHI) is appropriately safeguarded. Under HIPAA, Atlassian is considered a business associate. You must have a BAA in place before PHI can be uploaded to our products.
We can sign BAAs for Standard, Premium, and Enterprise plans for Jira Software, Jira Service Management, and Confluence. Free and trial plans are not eligible to sign BAAs.
To sign a BAA, go to admin.atlassian.com and select Settings > Compliance.
Then, select the Health Insurance Portability and Accountability Act (HIPAA).
Select Sign a BAA.
Provide the following information in the form:
Your legal name
Your email address
Name of signatory
A signatory is any individual who possesses legal authority to bind your organization into legally enforceable contracts
Email address of the signatory
Your organization's physical address
Select Submit.
After the request is processed, you will receive an email acknowledging your request to sign a BAA. The signatory will receive an email containing a copy of the Business Associate Agreement to be signed.
After you’ve signed a BAA, you must tag your product and follow the HIPAA Implementation Guide before you upload any PHI into the products. Learn how to tag your products
For Enterprise plans, contact your Atlassian representative to sign a Business Associate Agreement (BAA).
It’s important to remember that HIPAA compliance is a shared responsibility between Atlassian and you. Completing these steps won't automatically guarantee your compliance with HIPAA, you must also ensure that you follow HIPAA best practices.
Was this helpful?