2017-01-05 20:50:00 UTC

HIPAA Compliance with JIRA


I am evaluating different support platforms for my Healthcare organization. The intention is to use the platform with external and internal users, and the platform should be HIPAA compliant with all the required guidelines of encryption with data in transit and data at rest.

I've looked into the different modules with JIRA but none of them seem to be concrete enough to support HIPAA compliance. 

Has anyone used JIRA for Healthcare? How were you able to use JIRA and be HIPAA compliant?

Guest
77 Answers

author avatar
Vendor

Yes, our company (Isos Technology) has helped a number of organizations implement JIRA for the purposes of tracking clinical trials, mobile healthcare applications, and other PHI related implementations. It's not compliant out-of-the-box, but HIPAA compliance can be implemented in JIRA in an elegant way. If you have more questions or would like to discuss details, please reach out to us... www.isostech.com.

2017-01-20 14:06:16 UTC
author avatar
Top 10Real User

Kindly review the product ManageEngine. It covers complete IT Helpdesk functionality with Add-on for GRC, HIPAA requirements;

https://www.manageengine.com/products/eventlog/eventlog-compliance.html
https://www.manageengine.com/products/eventlog/hipaa-compliance-reports.html

2017-01-11 05:51:23 UTC
author avatar
Consultant

The app is not HIPPA compliant out-of-box, but you could get it there by hosting a server (not the cloud product) in a secure environment on the other end of a VPN. It would styme some of the interoperability (like the mobile app), but could work.

2017-01-10 15:27:53 UTC
author avatar
Vendor

We plan on using it with external physician offices or labs logging issues with patient orders and/or results. The company should also be willing to sign our BAA or have a BAA that we would sign. In terms of specs, we need the data fully encrypted from at rest to in transit.

2017-01-10 15:22:52 UTC
author avatar
LeaderboardConsultant

One of the best helpdesk software packages on the market currently, fully compliant with HIPAA is ServiceNow. They have a light and a full version. Although they work only in the cloud, there environment is able to be completely encrypted (or parts of it). Many banks and financial institutes are making use of ServiceNow. Also Agfa-Healthcare, a huge worldwide company with many hospitals as customers, is making use of ServiceNow.

Have a look at www.servicenow.com for more info about this tool.

2017-01-10 14:34:10 UTC
author avatar
Vendor

From my investigations it appears that JIRA Service Desk is NOT HIPAA compliant.

2017-01-10 14:04:34 UTC
author avatar
Consultant

What aspects of the IS HIPAA spec are you worried about JIRA violating? Are you intending to use it as a patient-facing solution, or internal for developers?

2017-01-10 13:19:11 UTC
Learn what your peers think about JIRA Service Desk. Get advice and tips from experienced pros sharing their opinions. Updated: April 2020.
420,671 professionals have used our research since 2012.