Is Amazon managed service for Grafana (AMG) HIPAA compliant?

Amazon Web Service (AWS) is a cloud computing service provider with many solutions for companies to build on the cloud. One of these solutions is Amazon Managed Service for Grafana. Let's explore if this is a HIPAA compliant tool for companies to use.

What is Amazon Managed Service for Grafana?

Amazon Managed Service for Grafana (AMG) is a fully managed data visualization service. It creates interactive data visualizations for companies to add, query, visualize, and analyze their AWS data.

Is AMG HIPAA compliant?

Covered entities need to keep data like protected health information (PHI) secure . If a third-party vendor stores, transmits, or accesses PHI, it is a business associate. As such, the vendor is obligated to protect PHI as well. To ensure that business associates are complying with HIPAA security standards, covered entities must sign a business associate agreement (BAA) with them. The BAA covers the duties and responsibilities of the business associate when handling PHI. Without a BAA in place, a business associate is not considered HIPAA compliant. Amazon does offer a BAA for a few of its AWS services, but AMG is not on the list of HIPAA-eligible services.

Conclusion

AMS for Grafana is not HIPAA compliant. Amazon will not sign a BAA for this particular service, which makes it ineligible for covered entities to use.

Partner with Paubox for HIPAA compliant email security

Choosing a HIPAA compliant vendor is crucial to preventing data breaches. This is especially true with your email security since PHI can often be mentioned.

HIPAA compliant email can be easily accomplished with Paubox Email Suite. Paubox has achieved HITRUST CSF certification and meets key regulatory requirements to manage risk. A BAA is included in all plans at no additional cost, so you can rest assured that Paubox is continuously working to provide the highest level of security for your emails. Paubox uses security features like blanket TLS encryption and two-factor authentication for ultimate protection. Our Plus and Premium plan levels also include our newest feature, Zero Trust Email, which ensures emails are genuine and not phishing scams. Paubox is easy for employees to use since it can send encrypted emails from your current email provider, like Google Workspace or Microsoft 365. Your patients will receive emails directly in their inboxes with no need for patient portals.