Security & Compliance Use Cases
Explore example use cases and learn how AWS cloud technology can help you comply with an array of global regulatory frameworks while offering an infrastructure built for the most secure organizations in the world.
GxP and Data Privacy
The pharma and medical device industries operate under extensive regulations, including Good Practice (GxP) guidelines. Many organizations are also subject to the Health Insurance Portability and Accountability Act (HIPAA) or the General Data Protection Regulation (GDPR) for the creation, receipt, maintenance, or transmission of protected health information (PHI).
The AWS Cloud offers over 100 HIPAA-eligible services and more than 500 features and services focused on security and compliance. AWS provides documentation tools, guidance, and compliance experts to help companies build applications that support their GxP and health data privacy compliance. AWS also offers an ecosystem of AWS Partner Network (APN) partners to support life science companies that need to run regulated workloads in the cloud.
Case studies
Whitepaper
GxP in the AWS Cloud - the compliance and efficiency benefits of rethinking regulated workloads
Merck Webinar
In this webinar, learn how Merck set up GxP System Assurance (Merck Managed Cloud) using AWS.
GxP on AWS webpage
Dive deep into GxP requirements, compatibility, and compliance and access related documentation from AWS.
HIPAA FAQ
Frequently asked questions about HIPAA
AWS GDPR Center
Dive deep into AWS service capabilities for GDPR privacy considerations and access related documentation from AWS.
Related resources
Blog
GxP on AWS
Whitepaper
Introduction to auditing the use of AWS
Whitepaper
Considerations for using AWS products in GxP systems
Whitepaper
Architecting for HIPAA security and compliance on AWS
Whitepaper
Navigating GDPR compliance on AWS
Training
Introductory eLearning course for healthcare and life sciences compliance on AWS
HITRUST CSF and other Industry Standards
Life sciences companies globally may need to comply with an array of additional regulatory frameworks. AWS offers a wide variety of certifications and attestations, covering compliance programs from around the globe, including certifications for IT industry standards such as ISO 9001, 27001, 27017, and 27018, among others.
Life science organizations and APN Partners can leverage AWS’s HIPAA, GDPR, ISO, SOC, and other compliance programs to help meet the certification requirements for Health Information Trust Alliance (HITRUST) and Electronic Healthcare Network Accreditation Commission (EHNAC), as part of the shared responsibility model. AWS customers can design and implement an AWS environment, and use AWS services in a manner that satisfies the requirements under HITRUST CSF. Customers can also leverage certain controls established under the HITRUST CSF validated assessment of AWS services.
Resources
HITRUST on AWS
Dive deep into how to use AWS services in a manner that supports the requirements of HITRUST CSF.
Blog
64 AWS services achieve HITRUST certification
Chart
ISO Certifications
Chart
AWS service capabilities for privacy considerations
Blog
AWS shared responsibility model and GDPR
Blog
How AWS supports customers and APN Partners on the journey to GDPR compliance