AWS Compliance Programs

Global United States Canada Asia Pacific Europe Privacy
Visit the AWS GDPR Center

AWS is committed to offering services and resources to our customers to help them comply with GDPR requirements that may apply to their activities.

EU flag
BarCompliance

Global

csa-logo

CSA

Cloud Security Alliance Controls

ISO9001

ISO 9001

Global Quality Standard

ISO27001

ISO 27001

Security Management Controls

ISO27017

ISO 27017

Cloud Specific Controls

ISO27018

ISO 27018

Personal Data Protection

pci

PCI DSS Level 1

Payment Card Standards

SOC-SizedLogo

SOC 1

Audit Controls Report

SOC-SizedLogo

SOC 2

Security, Availability, & Confidentiality Report

SOC-SizedLogo

SOC 3

General Controls Report

BarCompliance

United States

CJIS_Logo

CJIS

Criminal Justice Information Services

DoD SRG

DoD SRG

DoD Data Processing

FedRAMPLogoNew

FedRAMP

Government Data Standards

dept_education_sized

FERPA

Educational Privacy Act

ffiec_logo_sized

FFIEC

Financial Institutions Regulation

FIPS_sized

FIPS

Government Security Standards

FISMASized

FISMA

Federal Information Security Management

GxPLogoAws

GxP

Quality Guidelines and Regulations

HIPAA-sized

HIPAA

Protected Health Information

HITRUST

HITRUST CSF

Health Information Trust Alliance Common Security Framework

itar-sized

ITAR

International Arms Regulations

MPAAIcon

MPAA

Protected Media Content

automating-security-best-practices-solution-icon (1)

NIST

National Institute of Standards and Technology

sec_logo

SEC Rule 17a-4(f)

Financial Data Standards

VPAT

VPAT / Section 508

Accessibility Standards

BarCompliance

Canada

FIPS_sized

FIPS

Government Security Standards

BC-flag

Freedom of Information and Protection of Privacy Act (British Columbia)

Privacy Legislation in British Columbia (BC)

Alberta_Flag

Health Information Act (HIA)

Privacy Legislation in Alberta 

Flag-New-Brunswick

Personal Health Information Privacy and Access Act (New Brunswick)

Privacy Legislation in New Brunswick

compliance-privacy-ontario

Personal Health Information Protection Act (PHIPA)

Privacy Legislation in Ontario  

Nova-Scotia-Flag_Shadow

Personal Health Information Act (PHIA)

Privacy Legislation in Nova Scotia  

compliance-privacy-pipeda-canada

Personal Information Protection and Electronic Documents Act (PIPEDA)

Canada’s Federal Private Sector Privacy Legislation 

BarCompliance

Asia Pacific

data-privacy-japan-flag

FISC [Japan]

Financial Industry Information Systems

IRAP

IRAP [Australia]

Australian Security Standards

K-ISMSProgram

K-ISMS [Korea]

Korean Information Security

MTCSSingaporeLogo

MTCS Tier 3 [Singapore]

Multi-Tier Cloud Security Standard

compliance-privacy-singapore

OSPAR [Singapore]

Outsourcing Guidelines

BarCompliance

Europe

ASIP HDS

ASIP HDS [France]

Personal Health Data Protection

C5_Sized

C5 [Germany]

Operational Security Attestation

cyber-essentials-logo

Cyber Essentials Plus [UK]

Cyber Threat Protection

ENS_Logo_Sized

ENS High [Spain]

Spanish Government Standards

GovUkCloud

G-Cloud [UK]

UK Government Standards

TISAX_logo

TISAX

Automotive Industry Standard

Global United States Canada Asia Pacific Europe Privacy
Visit the AWS GDPR Center

AWS is committed to offering services and resources to our customers to help them comply with GDPR requirements that may apply to their activities.

EU flag

Certifications / Attestations:

Compliance certifications and attestations are assessed by a third-party, independent auditor and result in a certification, audit report, or attestation of compliance.

Laws / Regulations / Privacy:

AWS customers remain responsible for complying with applicable compliance laws and regulations. In some cases, AWS offers functionality (such as security features), enablers, and legal agreements (such as the AWS Data Processing Agreement and Business Associate Addendum) to support customer compliance.

No formal certification is available to (or distributable by) a cloud service provider within these law and regulatory domains.

Alignments / Frameworks:

Compliance alignments and frameworks include published security or compliance requirements for a specific purpose, such as a specific industry or function. AWS provides functionality (such as security features) and enablers (including compliance playbooks, mapping documents, and whitepapers) for these types of programs.

Requirements under specific alignments and frameworks may not be subject to certification or attestation; however, some alignments and frameworks are covered by other compliance programs.

compliance-contactus-icon
Have Questions? Connect with an AWS Business Representative
Exploring compliance roles?
Apply today »
Want AWS Compliance updates?
Follow us on Twitter »