HIPAA

《Health Insurance Portability and Accountability Act》(HIPAA) 是一项由美国卫生与公共服务部制定的联邦法规。HIPAA 旨在保护个人的 Protected Health Information (PHI) 的隐私和安全，并围绕该数据的使用、披露和保护制定了相关标准和要求。HIPAA 适用于创建、接收、维护、访问或发送 PHI 的涵盖实体和商业伙伴。

Atlassian 提供全面的隐私和安全保护，以确保我们的客户能按照 HIPAA 的规定操作我们的产品。其中包括：

• 保护 PHI 的安全措施
• 对可寻址 HIPAA 安全规则的合理补救或缓解控制措施的评估
• 年度 HIPAA 安全认证、差距评估和安全风险分析
• 定期审查和保留 HIPAA 策略和程序
• 有关 ePHI 防护的安全意识内容，以及
• the designation and role definition of a HIPAA Security and Privacy Officers

Customers who are subject to HIPAA compliance and want to partner with Atlassian purchase a Standard, Premium, or Enterprise Plan and enter into a Business Associate Agreement (BAA) that covers the applicable products and services. For more information on a BAA with Atlassian, please visit this page.

Additionally, we’ve created a guide that customers will need to read and follow before inputting any PHI into our products. This will help ensure that customers use our products and services in a way that supports their HIPAA compliance obligations.

有关我们为满足 HIPAA 规定的每项要求所采取措施的更多详细信息，请访问此页面。