BAA-ready in 8 weeks, $3–8K/mo
HIPAA on AWS for healthtech — The Smallest Defensible Footprint
BAA-ready architecture for a Series A healthtech: $3–8K/month all-in, 8 weeks to audit, no $20K/mo HIPAA-wrapper tax. The smallest defensible footprint with a clear path to multi-tenant pool, silo, or zero-trust without redesigning the controls.
Last updated: May 1, 2026
Author: FactualMinds AWS Architects
Reviewed by: Palaniappan P · AWS Solutions Architect — Professional
Problem
Most early-stage healthtech teams treat HIPAA as a wall — they default to a single-tenant siloed architecture, buy a third-party 'HIPAA-compliant' platform that costs $30K/month and locks them in, or freeze for two quarters trying to read the AWS HIPAA whitepaper. The result is overspending on infrastructure that does not yet have a customer to justify it, or a stack that cannot honestly defend itself in a BAA review.
Solution
Adopt a small set of HIPAA-eligible services with disciplined controls — encryption with customer-managed KMS keys, no PHI in logs, audit pipeline via CloudTrail Lake and AWS Config, and a documented control map per AWS Well-Architected. Pool-tier multi-tenant is HIPAA-compliant when controls are airtight; silo only when a contract genuinely requires it. AI features ride Bedrock and Bedrock AgentCore (both HIPAA-eligible since February 2026) — no separate compliance pathway needed.
AWS services in this pattern
| Service | Role |
|---|---|
| Amazon Cognito User Pools | HIPAA-eligible identity provider — handles MFA, password policy, and JWT issuance; supports SAML federation with EHR identity providers |
| Application Load Balancer + AWS WAF (v2) | HIPAA-eligible edge — TLS 1.3 termination, AWS WAF managed rule groups for OWASP top ten, geo-match, and rate limiting; WAF Classic is gone (retired Sep 2025), use WAF v2 |
| Amazon ECS Fargate | HIPAA-eligible serverless container compute — no host-OS patching, task-level IAM via task roles, and CPU/memory isolation per task |
| Amazon Aurora (PostgreSQL or MySQL) | HIPAA-eligible RDBMS — encrypted at rest with a customer-managed KMS key, automated backups encrypted, IAM authentication enabled, audit logging to CloudWatch |
| Amazon S3 with object-level KMS encryption | HIPAA-eligible object storage — bucket policies enforce TLS-only access, KMS CMK on every object, S3 Object Lock for retention requirements, Macie-scanned for accidental PHI exposure |
| AWS Key Management Service (KMS) | Customer-managed CMKs per workload boundary — automated annual rotation, key-policy least privilege, dedicated keys for the audit pipeline so security can decrypt without operator access |
| AWS CloudTrail Lake | Long-term audit-event store — every AWS API call retained 7+ years, encrypted with a dedicated CMK, queried via SQL when an investigation requires it |
| AWS Config (with HIPAA Conformance Pack) | Continuous configuration compliance — the HIPAA Conformance Pack ships ~50 managed rules, drift triggers SNS, remediation playbooks via Systems Manager |
| Amazon GuardDuty + Amazon Macie + AWS Security Hub | Threat detection (GuardDuty), automated PHI discovery in S3 (Macie), and findings aggregation (Security Hub) — the always-on signal pipeline a HIPAA auditor expects |
| Amazon Bedrock + Bedrock AgentCore | HIPAA-eligible since February 2026 — generative AI and production agent workflows on PHI-adjacent data without a separate compliance carve-out |
| AWS Audit Manager | Evidence collection automation — pre-built HIPAA framework, continuous evidence sampling, audit report generation; eliminates the spreadsheet-driven evidence-gathering quarter |
Architecture components
BAA boundary
Sign the AWS BAA at the AWS Organization level. Every account in the BAA scope inherits the agreement; SCPs restrict the use of non-HIPAA-eligible services in those accounts so the boundary cannot drift.
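A deny-by-default SCP of the shape described above, added here as an example rather than the pattern's or AWS's own policy. The service-prefix allowlist is constructed from this page's service table and is deliberately incomplete, and the evaluator only models Deny statements:

```python
import fnmatch
import json

# Constructed allowlist of IAM service prefixes for the services in this pattern.
# Illustrative only: a real SCP must also allow the plumbing (iam, sts, logs, ec2
# for VPC resources, ...) or nothing in the account can be deployed at all.
HIPAA_SCOPE_SERVICES = [
    "cognito-idp", "elasticloadbalancing", "wafv2", "ecs", "rds", "s3", "kms",
    "cloudtrail", "config", "guardduty", "macie2", "securityhub", "bedrock",
    "auditmanager",
]

def build_scp(services):
    """Deny-by-default boundary: any action outside the allowlisted services is
    denied. NotAction keeps the document short and means a newly launched
    service sits outside the boundary until someone deliberately adds it."""
    return {
        "Version": "2012-10-17",
        "Statement": [{
            "Sid": "DenyOutsideHipaaScope",
            "Effect": "Deny",
            "NotAction": [f"{svc}:*" for svc in services],
            "Resource": "*",
        }],
    }

def _matches(pattern, action):
    # IAM action names are matched case-insensitively with '*' wildcards.
    return fnmatch.fnmatchcase(action.lower(), pattern.lower())

def denied_by_scp(scp, action):
    """True if any Deny statement in the SCP applies to the action. An SCP
    never grants anything: 'not denied' still needs an identity-policy allow."""
    for stmt in scp["Statement"]:
        if stmt["Effect"] != "Deny":
            continue
        if "NotAction" in stmt and not any(_matches(p, action) for p in stmt["NotAction"]):
            return True
        if "Action" in stmt and any(_matches(p, action) for p in stmt["Action"]):
            return True
    return False

if __name__ == "__main__":
    print(json.dumps(build_scp(HIPAA_SCOPE_SERVICES), indent=2))
```

The `iam:CreateUser` case below is the trap this shape sets: with only the page's services allowlisted, account administration itself is denied, which is why the plumbing services have to be added on purpose.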
Encryption everywhere
Customer-managed KMS keys for every PHI-touching service — Aurora, S3, EBS, RDS Performance Insights, CloudWatch Logs, CloudTrail Lake. Default-encrypted is the floor; CMK is the contract.
Identity and access
Cognito user pools for application users with MFA enforced; AWS IAM Identity Center (formerly SSO) for engineering access with short-lived sessions; no long-lived access keys; Roles Anywhere for any external workload that needs AWS access.
Audit pipeline
CloudTrail (organization trail) → CloudTrail Lake for long-term storage and query; AWS Config for state diff and compliance; CloudWatch Logs for application audit events; all three encrypted with dedicated CMKs and access-restricted to the security team.
PHI containment
Macie scans S3 buckets continuously; CloudWatch Logs filter rules block obvious PHI patterns from reaching the log group; application code uses structured logging with explicit allowlist of fields; Bedrock Guardrails for any AI feature that could hallucinate PHI back into a response.
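An application-side allowlist logger of the kind this paragraph describes, added here as an example and not code from the pattern; the field names and the PHI regexes are constructed assumptions:

```python
import json
import logging
import re

# Constructed allowlist: the only keys that may reach a CloudWatch log group.
# Everything else is dropped, so a whole patient record cannot be logged by accident.
LOG_FIELD_ALLOWLIST = {"event", "tenant_id", "request_id", "route", "status",
                       "latency_ms", "actor_role", "dropped_fields", "redacted_fields"}

# Constructed "obvious PHI" patterns, the application-side twin of the CloudWatch
# Logs filter rules. Few and high-precision: a backstop, not the control.
PHI_PATTERNS = {
    "ssn": re.compile(r"\b\d{3}-\d{2}-\d{4}\b"),
    "email": re.compile(r"\b[\w.+-]+@[\w-]+\.[\w.-]+\b"),
    "phone": re.compile(r"\(?\b\d{3}\)?[-.\s]\d{3}[-.\s]\d{4}\b"),
}

def sanitize_event(fields):
    """Return (record, dropped, redacted): the fields that may be emitted, the
    keys removed by the allowlist, and the allowlisted keys whose string value
    matched a PHI pattern and was replaced with a marker."""
    record, dropped, redacted = {}, [], []
    for key, value in fields.items():
        if key not in LOG_FIELD_ALLOWLIST:
            dropped.append(key)
            continue
        if isinstance(value, str):
            for name, pattern in PHI_PATTERNS.items():
                if pattern.search(value):
                    value = f"<redacted:{name}>"
                    redacted.append(key)
                    break
        record[key] = value
    # Non-zero suppression counts in production are a detection signal: alert on them.
    if dropped:
        record["dropped_fields"] = sorted(dropped)
    if redacted:
        record["redacted_fields"] = sorted(redacted)
    return record, dropped, redacted

class PhiSafeLogger:
    """Hypothetical wrapper over the stdlib logger, not the pattern's own code:
    one JSON object per line, never a raw format string, always sanitized."""
    def __init__(self, name="app"):
        self._log = logging.getLogger(name)
    def info(self, event, **fields):
        record, _, _ = sanitize_event({"event": event, **fields})
        self._log.info(json.dumps(record, sort_keys=True))
        return record
```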
Evidence and reporting
Audit Manager runs the HIPAA framework continuously; evidence is collected automatically across services; the auditor gets a CSV plus the underlying assessment instead of a six-week scramble at certification time.
Why this pattern
Healthtech founders we work with arrive in one of three states. The first treats HIPAA as a wall and freezes for a quarter trying to read the AWS HIPAA whitepaper. The second buys a $25K/month “HIPAA-compliant platform” that adds almost no controls AWS does not already provide and locks the company into a vendor before it has revenue. The third over-engineers a siloed architecture for a customer base that does not yet exist.
The pattern below is none of those. It is the smallest defensible footprint — the AWS-native services that are HIPAA-eligible, the controls that a BAA review actually demands, and a documented path to scale into multi-tenant pool or silo without redesigning the audit pipeline. It is what we deploy at Series A and operate through Series B.
What “the smallest defensible footprint” actually contains
| Domain | Service | Why |
|---|---|---|
| Identity | Amazon Cognito | HIPAA-eligible; handles MFA + JWT for app users |
| Edge | ALB + AWS WAF v2 | TLS 1.3, OWASP managed rules, rate limiting |
| Compute | ECS Fargate | No host-OS patching; task-role IAM |
| Database | Aurora with KMS CMK | Encrypted, IAM auth, audit logging |
| Storage | S3 with KMS CMK + Object Lock | TLS-only bucket policy; retention as a control |
| Audit | CloudTrail Lake + AWS Config (HIPAA pack) | 7+ year retention, drift detection, queryable evidence |
| Threat detection | GuardDuty + Macie + Security Hub | Continuous, managed, no false-positive treadmill from a self-hosted SIEM |
| Evidence | AWS Audit Manager (HIPAA framework) | Continuous evidence collection |
| AI features | Bedrock + Bedrock AgentCore (both HIPAA-eligible) | No separate AI compliance pathway |
That is the entire scope. There is no separate “HIPAA platform,” no third-party SIEM, no per-tenant infrastructure. Each control has a single named owner; each service has a documented why-it-is-eligible note; the BAA boundary is enforced by SCP at the Organization level.
How this scales
Every choice in this pattern is upgrade-friendly:
- Multi-tenant scale-up: pool-tier today; bridge for the first enterprise tenant; silo for the regulated contract that demands it. The Multi-Tenant SaaS on AWS pattern has the full progression.
- Zero-trust scale-up: VPC Lattice in front of the services, AWS Verified Access for human access, IAM Roles Anywhere for non-AWS workloads — the Zero-Trust VPC pattern composes directly.
- AI feature scale-up: Bedrock Knowledge Bases on S3 Vectors with Guardrails; both HIPAA-eligible; both in the same BAA. The Generative AI RAG on Bedrock pattern adds the retrieval layer without a separate compliance review.
Healthtechs that pick this footprint at Series A and scale upward usually find that the pattern still passes a HITRUST CSF assessment at Series B with mostly process and documentation work, not infrastructure rework.
Where this pattern shows up in our consulting
We deploy this stack most often in Cloud Compliance Services and AWS Cloud Security engagements at Series A and Series B healthtechs — typically as a six-to-eight-week initiative that delivers the BAA-scoped accounts, the SCP boundary, the audit pipeline, the conformance pack, and a documented control map ready for the first HITRUST or SOC 2 + HIPAA assessment. The AWS Architecture Review engagement is the natural follow-up before the first enterprise customer ships.
Trade-offs
Pro
Pool-tier multi-tenant on disciplined controls is HIPAA-compliant — there is no AWS guidance that requires single-tenant isolation for HIPAA. Going pool-first saves an order of magnitude on infrastructure cost in the first 18 months and lets the team focus on product, not on per-tenant CI/CD.
Con
Pool-tier requires the controls to be genuinely airtight — every query, every cache key, every S3 path must include tenant_id, and a single missed filter is a HIPAA-reportable incident. Pool requires row-level-security discipline in every query. If your team cannot commit to that today, silo from day one is the safer choice.
Pro
Bedrock + Bedrock AgentCore being HIPAA-eligible since February 2026 means AI features no longer require a separate compliance pathway. Healthtechs can ship Bedrock-grounded chat or document workflows under the same BAA that covers their core stack — no third-party AI vendor in the BAA chain.
Con
Eligibility is service-level, not feature-level. Some Bedrock features (specific model marketplace integrations, certain cross-region inference patterns) may sit outside the HIPAA boundary on launch; verify each feature against the AWS HIPAA-eligible services reference before deploying it on PHI.
Pro
Audit Manager + AWS Config Conformance Pack collapses what was previously a six-week annual evidence-gathering exercise into a continuously-evidenced control state. The first audit is still material work; subsequent audits are mostly review.
Con
Audit Manager is opinionated about evidence shape. Some auditors still want narrative documentation that maps controls to specific operational practices — the tooling does not eliminate the need for a security-engineer FTE who owns the audit story.
Cost notes
A Series A healthtech with a small product team runs this stack for $3K–8K/month all-in — Aurora Serverless v2 (encrypted) at $400–800, Fargate compute at $300–700, S3 + KMS at $200–500, CloudTrail Lake + AWS Config at $300–600, GuardDuty + Macie at $400–800, Bedrock at usage-based ($0–500 early-stage). The HIPAA controls add 10–15% over a non-HIPAA equivalent stack — almost entirely the audit pipeline (CloudTrail Lake retention, Macie scanning, Audit Manager). Two patterns we see destroy healthtech unit economics: paying $20K+/month for a third-party 'HIPAA-compliant' wrapper that adds no controls AWS does not already provide, and defaulting to silo at sub-$5K ACV, which inflates infrastructure cost for no compliance gain.
Related patterns
Zero-trust VPC on AWS — VPC Lattice, Verified Access, and IAM-everywhere
Identity-aware networking on AWS — VPC Lattice for service-to-service auth, IAM Roles Anywhere for non-AWS workloads, AWS Verified Access for human and device trust, Verified Permissions for fine-grained authz, PrivateLink for SaaS consumption. No implicit trust based on IP or VPC peering.
Multi-Tenant SaaS on AWS — Pool, Silo, and Bridge
Production-ready multi-tenant architecture for SaaS on AWS. Covers tenant isolation models (pool, silo, bridge), per-tenant cost attribution, noisy-neighbor mitigation, and the trade-offs CTOs actually wrestle with at Series B and beyond.
Generative AI RAG on Bedrock — S3 Vectors + Knowledge Bases
Production retrieval-augmented generation on AWS — Bedrock Knowledge Bases on S3 Vectors for cost-efficient retrieval, Bedrock Guardrails for safety, and per-tenant inference profiles for spend caps. The 2026 AWS-native default for enterprise RAG.
Consulting engagements that deliver this pattern
Cloud Compliance Services — HIPAA, SOC 2, PCI DSS on AWS
Cloud compliance services — HIPAA, SOC 2, PCI DSS, ISO 27001, GDPR. Expert consulting from FactualMinds.
AWS Security Consulting
AWS security consulting from an AWS Select Tier Partner. 2-week assessment, 4–6 week remediation, zero disruption. IAM hardening, public exposure, compliance gaps, and continuous monitoring.
AWS Well-Architected Review — Free Assessment
Free AWS Well-Architected Review from FactualMinds. Identify risks, compliance gaps, and optimization opportunities.
Deep dives
HIPAA on AWS: The Compliance Lead's Audit-Ready Checklist
An audit-prep checklist for Compliance Leads, Security Officers, and CISOs — BAA execution, documented Security Risk Assessments, workforce training, audit cadence, and the evidence packages OCR investigators expect when they show up.
How to Implement a HIPAA-Compliant Architecture on AWS — An Engineer's Build Guide
A solutions architect's build guide for HIPAA on AWS. KMS key strategy, VPC isolation, RDS/S3/Lambda configuration patterns, IaC controls, and continuous validation — code-level decisions, not policy templates.
HIPAA-Compliant AI on AWS Bedrock: A Production Guide for Healthcare Workloads
Production guide for HIPAA-compliant generative AI on AWS Bedrock — BAA scope, eligible models, Guardrails for PHI redaction, Knowledge Bases for RAG over clinical data, VPC isolation, and the audit evidence package OCR investigators expect.
How to Set Up AWS Security Hub for Compliance Monitoring
AWS Security Hub aggregates security findings from 200+ sources (GuardDuty, Config, IAM Access Analyzer, Inspector). This guide covers setup, compliance standards (PCI-DSS, CIS, NIST), automated remediation, and building a compliance dashboard without hiring a SOC team.
Frequently asked questions
Which AWS region should we pick for HIPAA?
Default to us-east-1 unless you have data-residency, latency, or disaster-recovery reasons to choose otherwise. Every commercial AWS region supports the BAA — there is no separate 'HIPAA region' the way GovCloud is for FedRAMP. The real constraint is per-service eligibility, published in the AWS HIPAA-eligible services reference and updated regularly. As of 2026 there are 160+ HIPAA-eligible services, including Bedrock and Bedrock AgentCore. Use SCPs to deny non-HIPAA-eligible services in HIPAA-scoped accounts so the boundary cannot drift accidentally.
Pool versus silo for multi-tenant HIPAA — what is the right default?
Pool-tier on disciplined controls is HIPAA-compliant. The HIPAA Security Rule does not specify isolation; it specifies controls — encryption, access management, audit, integrity. Pool-tier with row-level security on Aurora, tenant_id metadata filters on S3 and Bedrock, a documented control map, and a tested incident-response plan passes a HIPAA review. Silo-by-default at low ACV is a finance trap that does not buy you any compliance posture you do not already have. The Multi-Tenant SaaS on AWS pattern walks the controls in detail.
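For the pool-tier tenant filter discussed here and in the Trade-offs section, an added example (not the pattern's own code) of a repository that cannot issue a PHI query without the tenant predicate. The schema, tenant ids and table name are constructed, and sqlite stands in for Aurora:

```python
import re
import sqlite3
# Constructed schema: one PHI table shared by every tenant, keyed by tenant_id,
# as in the pool-tier Aurora design this pattern starts with.
SCHEMA = ("CREATE TABLE patient_record (id INTEGER PRIMARY KEY, tenant_id TEXT NOT NULL, "
          "mrn TEXT NOT NULL, note TEXT, UNIQUE (tenant_id, mrn))")
_IDENT = re.compile(r"^[a-z_][a-z0-9_]*$")

def _ident(name):
    # Identifiers come from code, not users, but are validated anyway; values are bound.
    if not _IDENT.match(name):
        raise ValueError(f"bad identifier: {name!r}")
    return name

class TenantMismatch(ValueError):
    """A row carried a tenant_id other than the one this handle is scoped to."""

class TenantScopedRepo:
    """Hypothetical repository, not the pattern's own code. Every statement is
    assembled here with the tenant predicate already in place, so a developer
    cannot forget it; on Aurora PostgreSQL the database-side twin is row-level
    security, and this is the application-side layer in front of it."""
    def __init__(self, conn, tenant_id):
        self.conn, self.tenant_id = conn, tenant_id

    def insert(self, table, row):
        row = dict(row)
        if row.setdefault("tenant_id", self.tenant_id) != self.tenant_id:
            raise TenantMismatch(f"{row['tenant_id']} via {self.tenant_id} handle")
        cols = [_ident(c) for c in row]
        sql = (f"INSERT INTO {_ident(table)} ({', '.join(cols)}) "
               f"VALUES ({', '.join(':' + c for c in cols)})")
        self.conn.execute(sql, row)

    def select(self, table, **filters):
        # Equality filters only: no free-form WHERE fragment can escape the tenant predicate.
        preds = ["tenant_id = :tenant_id"] + [f"{_ident(c)} = :{c}" for c in filters]
        sql = f"SELECT * FROM {_ident(table)} WHERE " + " AND ".join(preds)
        rows = self.conn.execute(sql, {**filters, "tenant_id": self.tenant_id})
        return [dict(r) for r in rows]

def demo():
    conn = sqlite3.connect(":memory:")
    conn.row_factory = sqlite3.Row
    conn.execute(SCHEMA)
    a, b = TenantScopedRepo(conn, "clinic-a"), TenantScopedRepo(conn, "clinic-b")
    a.insert("patient_record", {"mrn": "MRN-1", "note": "from clinic A"})
    b.insert("patient_record", {"mrn": "MRN-1", "note": "from clinic B"})
    return a.select("patient_record", mrn="MRN-1")  # same MRN, only clinic A's row
```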
How does Bedrock fit under HIPAA?
Bedrock and Bedrock AgentCore became HIPAA-eligible in February 2026. You can run RAG, agents, and document-processing workflows on PHI-adjacent data under the same BAA that covers Aurora and S3. The control story is the same as for any HIPAA-eligible service — KMS encryption, audit logging via CloudTrail, no PHI in unredacted prompts, Bedrock Guardrails for additional safety. The Generative AI RAG on Bedrock pattern composes directly with this one.
What does the audit timeline actually look like?
Most healthtechs we work with target a HITRUST CSF certification or a SOC 2 Type 2 with HIPAA mapping rather than a HIPAA audit per se (HIPAA itself is an enforcement framework, not a certification). The first certification cycle takes about six months — three to design and document controls, three to operate and collect evidence. Audit Manager + Config Conformance Pack collapses subsequent cycles to roughly a quarter of evidence review.
Do we need a SIEM separate from Security Hub and CloudTrail Lake?
Most Series A healthtechs do not. Security Hub aggregates findings, CloudTrail Lake handles long-term audit query, GuardDuty runs continuous threat detection, and Macie does PHI discovery — that pipeline covers the BAA-required telemetry. A standalone SIEM (Splunk, Sumo, third-party MDR) is justified once you have a dedicated security team that needs cross-source correlation at scale, typically Series B+. Until then, Security Hub plus a managed SOC engagement is the right shape.
What about HITRUST or other high-trust-level certifications?
HITRUST CSF is the most common path for healthtech selling to large health systems. The architectural controls are the same as for HIPAA; the difference is in evidence rigor and the third-party assessor relationship. AWS Audit Manager has a HITRUST framework alongside the HIPAA framework. Plan an additional 4–8 weeks of preparation versus HIPAA-only — most of it is documentation and process, not infrastructure rework.
Want this pattern deployed end-to-end?
Our team builds these patterns in production for SaaS, healthcare, fintech, and enterprise customers. Tell us your constraints and we'll scope the engagement.