AWS Glossary
HIPAA-Eligible AWS Services
AWS services certified to handle Protected Health Information (PHI) under HIPAA regulations.
Definition
HIPAA-eligible AWS services are services that AWS has certified can handle Protected Health Information (PHI) when configured properly. AWS signs Business Associate Agreements (BAAs) with healthcare organizations to cover these services. A service being HIPAA-eligible does not automatically make it HIPAA-compliant; you must still configure encryption, access controls, and logging correctly.
HIPAA-Eligible AWS Services List
Compute:
- EC2, Lambda, Fargate (ECS on Fargate), AppStream
Database:
- RDS (all engines: MySQL, PostgreSQL, Oracle, SQL Server), Aurora, DynamoDB, ElastiCache
Storage:
- S3, EBS, EFS, Glacier, Backup
Analytics:
- Redshift, Athena, Glue, EMR, Kinesis
Messaging:
- SNS, SQS, Kinesis Data Streams, MQ
Machine Learning:
- SageMaker, Bedrock, Forecast (with proper config)
Integration:
- API Gateway, Step Functions, EventBridge
Management:
- CloudTrail, CloudWatch, AWS Config, Systems Manager
Security:
- KMS, Secrets Manager, ACM (Certificate Manager), IAM
Common Mistakes
Mistake 1: Assuming a service is HIPAA-compliant just because it’s HIPAA-eligible. You must still implement encryption (KMS), access controls (IAM), and audit logging (CloudTrail).
Mistake 2: Using non-HIPAA-eligible services. Lambda@Edge, some SaaS integrations, and some managed services are not HIPAA-eligible.
Mistake 3: Not getting a signed BAA from AWS. AWS must sign a BAA with your organization for HIPAA services to be compliant. A BAA is a contract; it is not in place automatically.
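The gap between eligible and correctly configured (Mistakes 1 and 2) can be checked mechanically. The sketch below is an added example, not code from this page or from AWS: it evaluates constructed dictionaries shaped like boto3 responses. The specific checks (KMS default encryption, an active trail with log file validation, no wildcard Allow policy) are assumptions about what "configured correctly" means here.

```python
# Added example; every input below is constructed and shaped like a boto3 response.
# ELIGIBLE is a subset transcribed from this page, not AWS's authoritative list.
ELIGIBLE = set("""ec2 lambda fargate rds aurora dynamodb s3 ebs efs redshift athena glue
    emr kinesis sns sqs sagemaker bedrock cloudtrail cloudwatch kms iam""".split())

def as_list(value):
    return value if isinstance(value, list) else [value]

def check_services(in_use):
    # Mistake 2: a service outside the eligible list must not handle PHI.
    return [f"{s}: not on the eligible list" for s in sorted(set(in_use) - ELIGIBLE)]

def check_bucket(name, enc):
    # Encryption: default bucket encryption (get_bucket_encryption) should use KMS.
    rules = enc.get("ServerSideEncryptionConfiguration", {}).get("Rules", [])
    algos = [r.get("ApplyServerSideEncryptionByDefault", {}).get("SSEAlgorithm", "") for r in rules]
    return [] if any(a.startswith("aws:kms") for a in algos) else [f"s3:{name}: default encryption is not KMS"]

def check_trail(trail, status):
    # Audit logging: a describe_trails entry plus its get_trail_status result.
    checks = [(status.get("IsLogging"), "logging is stopped"),
              (trail.get("LogFileValidationEnabled"), "log file validation is off")]
    return [f"cloudtrail:{trail['Name']}: {msg}" for ok, msg in checks if not ok]

def check_policy(name, doc):
    # Access control: flag Allow statements that grant every action on every resource.
    for stmt in as_list(doc.get("Statement", [])):
        if (stmt.get("Effect") == "Allow" and "*" in as_list(stmt.get("Action", []))
                and "*" in as_list(stmt.get("Resource", []))):
            return [f"iam:{name}: Allow * on *"]
    return []

def audit(inv):
    findings = check_services(inv["services"])
    findings += [f for n, e in inv["buckets"].items() for f in check_bucket(n, e)]
    findings += [f for t, s in inv["trails"] for f in check_trail(t, s)]
    findings += [f for n, d in inv["policies"].items() for f in check_policy(n, d)]
    return findings

SAMPLE = {  # constructed inventory: names and values are illustrative only
    "services": ["s3", "lambda", "lambda@edge"],
    "buckets": {"phi-records": {"ServerSideEncryptionConfiguration": {"Rules": [
        {"ApplyServerSideEncryptionByDefault": {"SSEAlgorithm": "AES256"}}]}}},
    "trails": [({"Name": "org-trail", "LogFileValidationEnabled": True}, {"IsLogging": False})],
    "policies": {"app-role": {"Statement": {"Effect": "Allow", "Action": "*", "Resource": "*"}}},
}

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE)))
```

In a real account the same functions can be fed the output of the corresponding boto3 calls instead of the constructed sample.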
Related AWS Services
- See full list above — 50+ AWS services are HIPAA-eligible
