• Products
  • Documentation
  • Resources

Sign a Business Associate Agreement (BAA)

A Business Associate Agreement (BAA) is a written contract between a business associate and a covered entity or another business associate. The BAA outlines the terms and conditions to ensure Protected Health Information (PHI) is appropriately safeguarded. Under HIPAA, Atlassian is considered a business associate. You must have a BAA in place before PHI can be uploaded to our products.

We can sign BAAs for Standard, Premium, and Enterprise plans for Jira Software, Jira Service Management, and Confluence. Free and trial plans are not eligible to sign BAAs.

Standard and Premium plans

  1. To sign a BAA, go to admin.atlassian.com and select Settings > Compliance.

  2. Then, select the Health Insurance Portability and Accountability Act (HIPAA).

  3. Select Sign a BAA.

  4. Provide the following information in the form:

    • Your legal name

    • Your email address

    • Name of signatory
      A signatory is any individual who possesses legal authority to bind your organization into legally enforceable contracts

    • Email address of the signatory

    • Your organization's physical address

  5. Select Submit.

After the request is processed, you will receive an email acknowledging your request to sign a BAA. The signatory will receive an email containing a copy of the Business Associate Agreement to be signed.

After you’ve signed a BAA, you must tag your product and follow the HIPAA Implementation Guide before you upload any PHI into the products. Learn how to tag your products

Enterprise plans

For Enterprise plans, contact your Atlassian representative to sign a Business Associate Agreement (BAA).

It’s important to remember that HIPAA compliance is a shared responsibility between Atlassian and you. Completing these steps won't automatically guarantee your compliance with HIPAA, you must also ensure that you follow HIPAA best practices.

Additional Help