AWS IoT Core and AWS IoT Device Management Now HIPAA Eligible
AWS IoT Core and AWS IoT Device Management are now HIPAA Eligible Services and have been added to the AWS Business Associate Addendum (BAA).
AWS IoT Core is a managed cloud platform that lets connected devices easily and securely interact with cloud applications and other devices. AWS IoT Device Management makes it easy to securely onboard, organize, monitor, and remotely manage IoT devices at scale.
If you have a BAA in place with AWS, you can immediately start using AWS IoT Core or AWS IoT Device Management to connect and manage IoT devices that access data or operate in a network that contains protected health information (PHI). If you do not have a BAA in place with AWS or have any other questions about running HIPAA-regulated workloads on AWS, please contact us.
HIPAA Eligibility applies to all AWS Regions where AWS IoT Core and AWS IoT Device Management are available. See the Architecting for HIPAA Security and Compliance on Amazon Web Services Whitepaper for information and best practices about how to configure AWS HIPAA Eligible Services to store, process, and transmit protected health information (PHI).
There is no additional charge for using AWS IoT Core or AWS IoT Device Management with HIPAA eligibility.