AWS Public Sector Blog

Tag: compliance

AWS branded background design with text overlay that says "Enabling AI leadership in the age of government efficiency"

Enabling AI leadership in the age of government efficiency

Global leaders are convening in Germany this week at the annual Munich Security Conference (MSC) to discuss key foreign policy and security challenges. Amid these discussions, one thing is clear: global leadership increasingly hinges on technological progress. In particular, the rapid progress of artificial intelligence (AI) presents an extraordinary opportunity for transformative innovation. For the U.S. government, this moment marks a crucial inflection point: embrace bold modernization of digital infrastructure and AI investment or risk being outpaced by global competitors.

AWS branded background image with text overlay that says "Unlock the power of fine-grained access control with Amazon Verified Permissions"

Unlock the power of fine-grained access control with Amazon Verified Permissions

Public sector organizations face stringent compliance requirements, and any unauthorized access to protected health information (PHI) or personal identifiable information (PII) can result in legal penalties and reputational damage. This post aims to demonstrate how public sector customers can develop a fine-grained authorization module using Amazon Web Services (AWS) identity services, extending beyond the capabilities of traditional role-based access control (RBAC), so they can achieve compliance objectives.

AWS branded background design with text overlay that says "Data ingress and egress through Trusted Research Environments and other secure enclaves"

Data ingress and egress through Trusted Research Environments and other secure enclaves

Data Review & Transfer Component (DRTC) on Amazon Web Services (AWS) provides a seamless solution to review, approve, and automate sensitive data transfer requests into and out of secure enclaves. In this post, we take you through the benefits of using DRTC to review data and other research artifacts for sensitivity prior to transfer into and out of these secure environments, in particular Trusted Research Environments (TREs).

AWS branded background design with text overlay that says "Allies can share data and technologies and remain compliant with international regulations using AWS"

Allies can share data and technologies and remain compliant with international regulations using AWS

National security and defense depend upon close collaboration between international allies. To protect sensitive data and promote robust cybersecurity frameworks, organizations must consider one another’s compliance requirements. One such requirement is the United States International Traffic in Arms Regulations (ITAR), which restricts and controls the export of defense and military-related technologies in order to safeguard US national security. Here, we set out how an innovation called Trusted Secure Enclaves (TSE) on Amazon Web Services (AWS) allows non-US national organizations who want to use the most modern and innovative technology to deliver defense and security missions using the cloud can do this and be compliant.

AWS branded background design with text overlay that says "Higher Education Community Vendor Assessment Toolkit now available on AWS Artifact"

Higher Education Community Vendor Assessment Toolkit now available on AWS Artifact

EDUCAUSE and the Shared Assessments working group collaborated with Internet2 and REN-ISAC, to create the Higher Education Community Vendor Assessment Toolkit (HECVAT). EDUCAUSE is a non-profit association committed to advancing the use of technology and data in higher education. The HECVAT is a third-party, vendor questionnaire framework designed for higher education institutions to evaluate the security and privacy posture of cloud and technology providers. It is intended to centralize vendor security and compliance information for ease of use. Amazon Web Services (AWS) now offers both the HECVAT Lite version and Full version to customers on-demand.

AWS branded background design with text overlay that says "Securing the future of healthcare in the age of generative AI and connected care"

Securing the future of healthcare in the age of generative AI and connected care

The healthcare industry is undergoing a profound transformation, driven by the adoption of generative artificial intelligence (AI), cloud computing, and connected care devices. This digital revolution promises to improve patient outcomes, reduce costs, and enhance the overall healthcare experience. However, it also introduces new challenges in terms of cybersecurity, privacy, and regulatory compliance. To navigate this complex landscape, healthcare organizations are turning to scalable, affordable, and highly available cloud infrastructures such as Amazon Web Services (AWS) to build resilient, secure, and innovative solutions.

AWS branded background design with text overlay that says "Harnessing the power of generative AI in AWS GovCloud"

Harnessing the power of generative AI in AWS GovCloud

In this post, we explore how generative artificial intelligence (AI), powered by services such as Amazon Bedrock and Amazon SageMaker, can be harnessed to meet the unique challenges of AWS GovCloud (US). We highlight use cases that demonstrate the potential of generative AI to enhance efficiency, automate workflows, and extract insights—all within a secure, compliant framework.

AWS branded background design with text overlay that says "Transforming financial markets: How FIA Tech built the Trade Data Network on AWS"

Transforming financial markets: How FIA Tech built the Trade Data Network on AWS

This post discusses how FIA Tech, a leading technology provider for the exchange traded derivatives (ETD) industry, built the Trade Data Network (TDN) on Amazon Web Services (AWS). TDN is an industry initiative that provides a shared ledger of trading information to address the fragmentation and lack of transparency in ETD post-trade processing. The TDN initiative currently includes 17 banks/brokers and 40 investment managers and hedge funds with combined assets under management of more than $34 trillion.

Complying with updated NIH Genomic Data Sharing policies on AWS

The National Institutes of Health (NIH) has long maintained guidelines governing the responsible management of controlled access human genomic and phenotypic data maintained in NIH-designated data repositories. Recently, the NIH updated these guidelines to align with the NIST SP 800-171 security standard, which defines a comprehensive framework for securing Controlled Unclassified Information (CUI). In this blog post, we will explore the specifics of the updated NIH guidance and outline how Amazon Web Services (AWS) can help customers build a compliant environment to meet these requirements.