Posted On: Nov 2, 2017

Amazon ElastiCache for Redis is now a HIPAA Eligible Service and included to the AWS Business Associate Addendum (BAA). This announcement means you can use ElastiCache for Redis to store, process, and access protected health information (PHI) and power secure healthcare applications.  

Redis, an open source, in-memory data store, is a popular choice among developers to power low latency, high throughput internet scale applications. ElastiCache for Redis is a Redis-compatible, fully-managed, in-memory data store and cache in the cloud that delivers sub-millisecond response times with millions of requests per second. Now you can use the speed, simplicity, security, and scalability of ElastiCache for Redis for use cases such as database and application caching, session management, queues, chat/messaging, streaming analytics, and geospatial analytics to build secure, fast, and scalable healthcare apps. 

HIPAA Eligible ElastiCache for Redis is available for all current-generation instance node types and requires Redis engine version 3.2.6. You must ensure that nodes are configured to encrypt the data in transit and at rest, and to authenticate Redis commands before the engine executes them. See Architecting for HIPAA Security and Compliance on Amazon Web Services for information about how to configure Amazon HIPAA Eligible Services to store, process, and transmit PHI.

ElastiCache for Redis uses Advanced Encryption Standard (AES)-512 symmetric keys to encrypt data on disk. The Redis backups stored in Amazon S3 are encrypted with Server Side Encryption (SSE) using AES-256 symmetric keys. ElastiCache for Redis uses Transport Layer Security (TLS) to encrypt data in transit. It uses the Redis AUTH token that you provide at the time of Redis cluster creation to authenticate the Redis commands coming from clients. This AUTH token is encrypted using AWS Key Management Service.

There is no additional charge for HIPAA eligible ElastiCache for Redis. To get started, see the documentation