Life Sciences Compliance in the Cloud

Industries that are developing or manufacturing drugs and medical devices are using AWS to build and run computer systems supporting their Good Laboratory, Clinical, and Manufacturing Practices (GxP). Building GxP systems using AWS allows you to improve the control you have over your IT environment, gives you enhanced testing and traceability, and helps you respond to audits. AWS gives you access to a variety of services that are in use around the world by regulated industries and their partners, and AWS has a whitepaper, developed with contributions from international compliance consulting firm Lachman Consultants, on building validated systems in the cloud.


AWS & Data Privacy

AWS takes data privacy very seriously, and maintaining customer trust is an ongoing commitment. Customers always manage access to their services and content. We do not access or use customer content for any purpose without the customer’s consent. Customers choose the region(s) in which their customer content will be stored. We will not move or replicate customer content outside of the customer’s chosen region(s) without the customer’s consent.

Learn more »


Shared Responsibility

Understanding how to build healthcare applications on AWS means understanding the shared responsibility model. In the AWS Cloud, security is shared between AWS and the customer, meaning that certain elements of security - such as physical security of the underlying infrastructure - are now the responsibility of AWS. Customers are still responsible for other aspects of security, such as the security measures used to protect your applications - which is no different than if your application was running in a traditional data center.

Learn more »

Industry-Health_Segment-LifeSciences_AWS & GxP Compliance_Segment

AWS & GxP Compliance

You can use AWS to build applications that supporting their Good Laboratory, Clinical, and Manufacturing Practices (GxP). If you plan to run applications that support GxP compliance, it is recommended that you do your due diligence, and consult AWS or your internal compliance department before implementing.

Example reference architectures »

Additional Resources for Building GxP Applications on AWS



Consistent and Controllable Infrastructure

By leveraging the AWS Cloud to enable your GxP environment, you can create templates that allow you to use your infrastructure throughout your organization with a high degree of consistency. AWS also gives you deep control over who can affect elements of your infrastructure software and when, where, and how they do it.

See how Merck has set up GxP System Assurance in the AWS Cloud »

Learn how Moderna Therapeutics set-up a GMP manufacturing facility »


Repeatedly Test Your Environment

When you build validated applications using AWS, you are using infrastructure software products instead of physical hardware. This means you can repeatedly test and monitor your environment for compliance, rather than rely on manual, point-in-time activities you might be using for services built with on-premises infrastructure.

See how Merck has used AWS for GxP and continuous compliance »

Learn more about continuous compliance on AWS Cloud »


Automatic Traceability

When you deploy AWS’ software infrastructure, you can also use AWS tools to automatically log a wide range of activities in your environment, including how the infrastructure is deployed and how the infrastructure is accessed and configured. This improves traceability in your environment, making it easier to support audit requests.

Get started

Leading companies in life sciences are already using AWS. Contact our experts and start your own AWS Cloud journey today.