AWS Security Blog

U.K. National Health Services IGToolkit Assessment report now available

We know that customers often seek out third-party tools to allow for the baselining and benchmarking of their environment. Additionally, healthcare and life sciences customers (HCLS) have specific needs, which is why we continually strive to meet relevant global standards validating our security and compliance. Today, we’d like to take a look at a new tool, our latest compliance report from the National Health Services (NHS) Information Governance (IG) Toolkit for UK Health, which has a unique element because it allows you to assess us as well compare AWS to other service providers.

The AWS IGToolkit Assessment Report gives you the ability to evaluate how we performed against IGToolkit requirements. Our overall score of 98 percent and grade of “Satisfactory,” which is the highest grade awarded, mean you can use our services to host and process NHS patient data with assurance that we are following exacting requirements for data security.

The NHS IGToolkit site is straightforward to use and reports can be downloaded into a spreadsheet. AWS is categorised as a “Commercial Third Party.” For more information about the NHS IGToolkit, you can download this pdf.

As always, security is a shared responsibility, so while this report allows you to use AWS, you are required to complete your own NHS IGToolkit assessment. Finally, we are also working on addressing the Data Security and Protection Toolkit, which will replace the IGToolkit, and will release further news over the coming months as we move towards submitting our assessment.