HIPAA on Amazon Web Services
Running a cloud solution for web servers, data processing, and storage for medical applications is becoming critical for reliability, speed, and accessibility. As a bonus, the cost-to-performance ratio is usually better with a well-configured cloud cluster.
HIPAA in the Cloud gets a boost
In May 2017, Amazon Cloud EC2 servers configured in a VPN network passed certification for HIPAA use. This means that dedicated server hardware (one of the more expensive EC2 options for servers) is no longer required. That means the smaller medical companies and medical data services can now use cloud to much better economy and still stay HIPAA compliant.
So let's learn about HIPAA in the cloud!
Architecting for HIPAA Security and Compliance on Amazon Web Services
- Download the white paper, June 2017 version. This lists all of the AWS components that are certified to be usable in HIPAA data processing. It does not show sample configurations, however. (If this link breaks, the report is also attached, below.)
- Slideshare for Architecting for HIPPA Compliance on AWS. This shows various sample configurations of VPC's (Virtual Private Clouds) for HIPAA uses.
- Now, get the low-down on each requirement and component configuration from this great post on Medium, Architecting Your Healthcare Application for HIPAA Compliance, Part 2
- HIPAA on AWS Video playlist on YouTube, including:
- Aptible + AWS + Telepharm: HIPAA for Startups - Jun 25, 2015
- Implementing Bullet-Proof HIPAA Solutions on AWS (SEC306) | AWS re:Invent 2013
- AWS re:Invent 2015 | (SEC304) Architecting for HIPAA Compliance on AWS
- Migrating Your HIPAA Compliant Healthcare Analytics to AWS - Dec 3, 2015
- Using Containers for Security and Compliance (CoreOS Fest 2015)
- RELATED: AWS GovCloud (US) for Highly Regulated Workloads - Jul 13, 2016
A big part of being HIPAA compliant is simply being able to document and validate your infrastructure. More and more tools are being created and adapted to do just that. This is becoming a major part of implementing HIPAA computing systems. Learn more in these videos:
- HIPAA/HITRUST - Account Governance Strategies - Jun 21, 2017
- Automated HIPAA Compliance: Powered by Cloudticity on AWS - May 11, 2017