Amazon RDS and its HIPAA Compliance Requirements
Amazon Relational Database Service (RDS) enables cloud users to utilize a
database without any configuration or database administration. Amazon RDS is an
excellent solution for healthcare organizations building robust healthcare
applications. Amazon RDS is HIPAA eligible and may be used to store protected
health information (PHI).
Users only pay for the use of Amazon services, and in return can utilize Amazon
Aurora, Oracle Database, SQL Server, and other native DB engines. Before using
AWS RDS to store PHI and production data, organizations must configure specific
administrative and technical safeguards to comply with HIPAA regulations.
Amazon RDS HIPAA Compliance
Amazon RDS can be used as a HIPAA-compliant database provided the organization
configures the necessary security controls within AWS and RDS. Organizations are
required to set technical safeguards and manage database operational concerns in
RDS, including:
- Manage permissions and system access
- Audit logging
- Encryption standards and more
Security controls must be built around the organization’s policies and cloud
services. The Dash Compliance Automation Platform provides continuous monitoring
for addressing security risk and compliance concerns.