Paubox blog: HIPAA compliant email made easy

Are Amazon EC2 Mac instances HIPAA compliant? (Update 2024)

Written by Tshedimoso Makhene | January 04, 2024

Amazon EC2 Mac instances are a specialized offering within Amazon Web Services (AWS) that provides access to macOS environments in the cloud. 

Amazon Elastic Compute Cloud (Amazon EC2) provides on-demand, scalable computing capacity in the Amazon Web Services (AWS) Cloud. Using Amazon EC2 reduces hardware costs, so you can develop and deploy applications faster.

 

Is Amazon EC2 Mac Instances HIPAA compliant? Yes, based on our research, Amazon EC2 Mac Instances is HIPAA compliant.

See alsoWhat is the key to HIPAA compliance?

 

Will Amazon EC2 MAC Instances sign a business associate agreement (BAA)?

Yes, Amazon EC2 MAC Instances will sign a business associate agreement, which can be reviewed here.

 

What does the Amazon EC2 Mac Instances BAA cover?

The Amazon Web Service (AWS) BAA covers the use and disclosure of protected health information (PHI), stating, "AWS maintains a standards-based risk management program to ensure that the HIPAA-eligible services specifically support HIPAA administrative, technical, and physical safeguards. Using these services to store, process, and transmit PHI helps our customers and AWS address the HIPAA requirements applicable to the AWS utility-based operating model."

Their BAA covers:

  • Encryption of PHI at rest and in transit 
  • Access controls
  • Auditing
  • Incident response
  • Data backup plan
  • Disaster recovery

See alsoHIPAA Compliant Email: The Definitive Guide

 

Conclusion

Amazon EC2 Mac Instances signs a BAA and is therefore HIPAA compliant.

 

FAQS

What is a business associate agreement?

business associate agreement (BAA) is a legally binding contract establishing a relationship between a covered entity under the Health Insurance Portability and Accountability Act (HIPAA) and its business associates. The purpose of this agreement is to ensure the proper protection of personal health information (PHI) as required by HIPAA regulations.

 

What is HIPAA?

The Health Insurance Portability and Accountability Act (HIPAA) sets national standards for protecting the privacy and security of certain health information, known as protected health information (PHI).

 

HIPAA is designed to protect the privacy and security of individuals’ health information and to ensure that healthcare providers and insurers can securely exchange electronic health information. Violations of HIPAA can result in significant fines and penalties for covered entities.

 

Who does HIPAA apply to?

HIPAA applies to covered entities, which include healthcare providers, health plans, and healthcare clearinghouses. It also applies to business associates of these covered entities. These are entities that perform certain functions or activities on behalf of the covered entity.

Learn more