Is AWS HIPAA Compliant?

Amazon Web Services (AWS) is Amazon’s cloud platform offering. AWS allows developers to build scalable applications quickly.

Read Our Latest Whitepaper – Managing HIPAA in AWS   Download Whitepaper

HIPAA Compliance In AWS

Many services in the AWS ecosystem can be used in a HIPAA compliant manner. Unfortunately, it is up to your organization to architect HIPAA compliant applications. There is no official certification for achieving HIPAA compliance. Amazon currently offers a business associates agreement (BAA) addressing physical safeguards, but your team must configure proper technical and administrative safeguards required under HIPAA.

Teams that handle protected health information (PHI) must handle administrative tasks such as annual risk assessments and employee training. Technical solutions must be implemented for requirements such as backup, disaster recovery, and audit logging. Most cloud providers, including Amazon Web Services operate on a “Shared Responsibility” model. Learn more about the compliance requirements shared between your organization and your cloud provider.

aws hipaa compliance

Leverage Dash and Amazon Web Services
To Build HIPAA Compliant Services

Building A HIPAA Security Program In AWS


Amazon Web Services (AWS) provides a wide array of offerings for creating backend services and deploying applications. These core services can be configured to be HIPAA compliant. AWS offers the flexibility to launch, manage, and scale virtual machines (VMs), cloud storage, managed databases and other services.

Dash allows your organization to create custom HIPAA administrative policies and configure and monitor a HIPAA compliant environment in Amazon Web Services (AWS), with one simple process:

  • Deploy Dash to your AWS environment
  • Dash’s automated service sets up and optimizes your cloud services
  • Monitor and manage the compliance process through our dashboard

  • Tour Dash Compliance Automation
    Building A HIPAA Security Program In AWS

    Address HIPAA Safeguards With Dash


    Physical Safeguards

    AWS will sign a business associates agreement (BAA) detailing physical safeguards for cloud services

    See Cloud Service Responsibilities

    Administrative Safeguards

    Your organization must create administrative policies for assessing and maintaining compliance

    Create Custom Policies with Dash

    Technical Safeguards

    Your organization must implement solutions such as backup, disaster recovery, and intrusion detection

    Implement Controls and Monitoring