HIPAA & BAA · Project management
Is Jira (Atlassian) HIPAA compliant?
Conditionally. Atlassian signs a BAA covering Jira and Jira Service Management Cloud on Standard, Premium, and Enterprise plans; Free and trial plans are not eligible.
Key facts
- BAA available: Conditionally — on specific plans
- What it takes: Standard, Premium, or Enterprise (Cloud)
- Official source: Atlassian — Business Associate Agreement — https://www.atlassian.com/legal/business-associate-agreement (verified 2026-06)
How to use Jira (Atlassian) in a HIPAA-compliant way
- Be on a paid Jira Cloud plan (Standard, Premium, or Enterprise).
- Submit a BAA request through Atlassian Administration.
- Receive and execute the BAA emailed to your signatory.
- Configure HIPAA security controls per Atlassian's HIPAA Implementation Guide before adding PHI.
- Limit PHI to HIPAA-qualified Atlassian products only.
Important caveats
- Free and trial plans cannot sign a BAA.
- The BAA does not extend to third-party Marketplace apps or customer integrations.
- A signed BAA covers Atlassian's obligations only — compliant configuration remains your responsibility.
The bottom line
No software is "HIPAA compliant" on its own. HIPAA compliance is a property of your organization, not a tool. Even with a signed BAA, you remain responsible for configuring Jira (Atlassian) correctly, limiting access to PHI, training staff, and maintaining your own safeguards. This page is general information, not legal advice; confirm current terms with Jira (Atlassian).
Frequently asked questions
Does Jira (Atlassian) sign a BAA?
On specific plans. Standard, Premium, or Enterprise (Cloud) A signed BAA is required before any PHI is involved.
Is Jira (Atlassian) HIPAA compliant out of the box?
No software is "HIPAA compliant" by itself. Even when Jira (Atlassian) offers a BAA, you are responsible for signing it, configuring the product correctly, restricting access, and maintaining your own administrative, physical, and technical safeguards.
What should I check before using Jira (Atlassian) with PHI?
Free and trial plans cannot sign a BAA.
