This whitepaper extends the technical and configuration-related information for Amazon EKS provided in the Architecting for HIPAA Security and Compliance on Amazon Web Services whitepaper, and outlines how customers may use AWS services to run regulated containerized workloads in accordance with their U.S. Health Insurance Portability and Accountability Act (HIPAA) requirements.
This whitepaper focuses on the considerations pertaining to the HIPAA Privacy and Security Rules for protecting Protected Health Information (PHI); technical and configuration information regarding encrypting data in transit and at-rest; and, how Amazon Elastic Kubernetes Service (Amazon EKS) features can be used to run Kubernetes applications containing Protected Health Information (PHI). AWS does not provide legal or compliance advice. We recommend that customers consult their legal counsel if they have legal questions regarding HIPAA compliance. Customers are responsible for making their own independent assessment of the information in this paper and any use of AWS products or services, including whether the information or the AWS services meet their regulatory, compliance, or operational requirements.
