Architecting for HIPAA Security and Compliance on Amazon EKS

This white paper focuses on the considerations pertaining to the HIPAA Privacy and Security Rules for protecting Protected Health Information (PHI); technical and configuration information regarding encrypting data in transit and at-rest; and, how Amazon Elastic Kubernetes Service (Amazon EKS) features can be used to run Kubernetes applications containing Protected Health Information (PHI). AWS does not provide legal or compliance advice. We recommend that customers consult their legal counsel if they have legal questions regarding HIPAA compliance. Customers are responsible for making their own independent assessment of the information in this paper and any use of AWS products or services, including whether the information or the AWS services meet their regulatory, compliance, or operational requirements