AWS Public Sector Blog
Category: Compliance
Building compliant healthcare solutions using Landing Zone Accelerator
In this post, we explore the complexities of data privacy and controls on Amazon Web Services (AWS), examine how creating a landing zone within which to contain such data is important, and highlight the differences between creating a landing zone from scratch compared with using the AWS Landing Zone Accelerator (LZA) for Healthcare. To aid explanation, we use a simple healthcare workload as an example. We also explain how LZA for Healthcare codifies HIPAA controls and AWS Security Best Practices to accelerate the creation of an environment to run protective health information workloads in AWS.
The benefits of running controlled substance databases with AWS
Healthcare authorities and providers use state-run controlled substance databases (CSDs) to track prescriptions and identify patients for substance abuse. CSDs help evaluate treatment options, screen patients who may be at risk for drug abuse problems, and make informed decisions about prescribing medication. This post explains how healthcare authorities can leverage CSD data to enhance their decision-making processes within business operations by using Amazon Web Services (AWS).
Idaho Controller modernizes back-office operations using AWS
Idaho deputy controller Josh Whitworth, who leads the state’s enterprise resource planning (ERP) modernization efforts, believes in looking beyond what legacy applications were designed to do decades ago to see the solutions of tomorrow. That view has helped Whitworth and his team transform Idaho’s back-office infrastructure and related processes. Read this blog post to learn how Amazon Web Services (AWS) helped Idaho modernize its ERP.
How credit unions can evaluate their FFIEC, NCUA cyber compliance using AWS
Credit unions face unique security, regulatory, and compliance obligations. These requirements mean that a sound cybersecurity posture is essential for credit unions across both cloud workloads and on-premises technology. Read this blog post to learn how Amazon Web Services (AWS) can help credit unions prepare for audits, assess security posture, and produce documentation for state or federal regulators.
Securing and automating compliance in the public sector with AWS
Compliance is essential, but ensuring compliance in the cloud with various regulations and standards can be challenging, especially for public sector organizations. The requirements are highly dynamic, constantly evolving, and they vary across countries. Read this blog post to learn about the Amazon Web Services (AWS) resources that can help customers meet compliance requirements, reduce their time and effort, and focus on core business objectives.
StateRAMP on AWS
What do AWS public sector customers need to know about the State Risk and Authorization Management Program (StateRAMP) and how can you use AWS to help meeting StateRAMP requirements? In this blog post, learn a quick recap on what StateRAMP is and how it differs from the similar Federal Risk and Authorization Management Program (FedRAMP).
Support FedRAMP and CMMC compliance with the Landing Zone Accelerator on AWS
Some US federal agencies and those who collaborate with them must support an automated, secure, and scalable multi-account cloud environment that meets Federal Risk and Authorization Management Program (FedRAMP) and Cybersecurity Maturity Model Certification (CMMC) standards. To support these needs, AWS customers and partners can deploy the Landing Zone Accelerator (LZA) on AWS. Recently, AWS worked with Coalfire, a FedRAMP-approved third-party assessment organization (3PAO) and AWS Partner, to assess and verify the LZA solution.
Amazon Connect achieves FedRAMP High authorization
AWS announced that Amazon Connect, its omnichannel cloud contact center service, has achieved FedRAMP Authorized status at the High Impact Level. FedRAMP is a US government-wide program that promotes the adoption of secure cloud services across the federal government by providing a standardized approach to security and risk assessment, and continuous monitoring for cloud technologies and federal agencies. In this blog post, learn how to deploy a secure Amazon Connect contact center with conversational AI features to route callers and chatters to the agents best able to assist them.
Navigating ISM and Essential Eight compliance with AWS Config for Australian government agencies
To help our Australian customers, AWS provides pre-built conformance packs for the Australian Cyber Security Centre (ACSC) Essential Eight Maturity Model and the ACSC Information Security Manual (ISM). The ACSC’s Essential Eight was first published in 2017 and is a set of prioritised security mitigation strategies designed to help protect organisations against various security threats. In this blog post, I walk you through how to set up a conformance pack in AWS Config that is designed to help you implement and track the ASCS Essential Eight model.
Canadian Centre for Cyber Security adds additional AWS services to its assessment of the AWS Canada (Central) Region
The Canadian Centre for Cyber Security (CCCS) added more AWS services to its assessment of the AWS Canada (Central) Region, bringing the total number of assessed AWS services to 120. This provides Canadian public sector customers additional confidence that AWS Cloud services meet the Government of Canada’s security control requirements. Using these services in conjunction with the deployment of the open source AWS Secure Environment Accelerator (ASEA) solution reduces cloud service configuration time from months to days.