AWS Government, Education, & Nonprofits Blog

Expedite a HIPAA-Compliant AWS Cloud Environment with the AWS Quick Start for HIPAA

The AWS Quick Start for the Health Insurance Portability and Accountability Act (HIPAA) automates the deployment of a compliant AWS Cloud environment for healthcare workloads in just a few clicks. It builds a repeatable and auditable cloud reference architecture that addresses the 52 statutes of HIPAA Phase 1 and the 180 statutes of HIPAA Phase 2 that protect the privacy and security of health information.

The Quick Start deploys a model environment that can help organizations with workloads that fall within the scope of the U.S. Health Insurance Portability and Accountability Act (HIPAA), including workloads with protected health information (PHI). The Quick Start architecture maps to certain technical requirements imposed by HIPAA regulations.

Additionally, the AWS Quick Start for HIPAA may be used along with the NIST Quick Start to create a FedRAMP High-compliant environment in the AWS GovCloud (US) Region – Amazon’s isolated cloud built for sensitive data and regulated IT workloads.

Read the HIPAA Quick Start deployment guide and see the security controls matrix.

Standard three-tier web architecture for HIPAA on AWS depicting integration with multiple VPCs (notional development VPC shown)