CCG Logo
HIPAA Compliant Hosting

HIPAA Eligible AWS Services

The following services have been approved for HIPAA work loads. While most clients will not utilize most of these services, we want to provide an up to date listing of available HIPAA Compliant services that can be used with our hosting stack.

  • Alexa for Business (for healthcare skills only – requires Alexa Skills BAA)
  • AWS Amplify Console
  • Amazon API Gateway
  • AWS Application Migration Service
  • Amazon AppStream 2.0
  • Amazon AppFlow
  • AWS AppSync
  • AWS App Mesh
  • Amazon Athena
  • Amazon Augmented AI [excludes Public Workforce and Vendor Workforce for all features]
  • Amazon Aurora
  • AWS Backup
  • AWS Batch
  • AWS Certificate Manager
  • Amazon Chime
  • AWS Clean Rooms
  • AWS Cloud 9
  • Amazon Cloud Directory
  • AWS Cloud Map
  • AWS CloudEndure [including CloudEndure Disaster Recovery and CloudEndure Migration]
  • AWS CloudFormation
  • Amazon CloudFront [including Lambda@Edge]
  • AWS CloudHSM
  • AWS CloudShell
  • AWS CloudTrail
  • Amazon CloudWatch
  • Amazon CloudWatch Events [including Amazon EventBridge]
  • Amazon CloudWatch Logs
  • Amazon CloudWatch SDK Metrics
  • AWS CodeBuild
  • AWS CodeCommit
  • AWS CodeDeploy
  • AWS CodePipeline
  • Amazon Cognito
  • Amazon Comprehend
  • Amazon Comprehend Medical
  • AWS Config
  • Amazon Connect [excludes GetMetricDataV2 API]
  • AWS Control Tower
  • AWS Data Exchange
  • AWS Database Migration Service (DMS)
  • AWS DataSync
  • Amazon Detective
  • Amazon DevOps Guru
  • AWS Direct Connect
  • AWS Directory Service [excludes Simple AD]
  • Amazon DocumentDB (with MongoDB compatibility)
  • Amazon DynamoDB
  • Amazon EC2 Auto Scaling
  • Amazon ElastiCache
  • AWS Elastic Beanstalk
  • Amazon Elastic Block Store (Amazon EBS)
  • Amazon Elastic Compute Cloud (Amazon EC2)
  • Amazon Elastic Container Registry (ECR)
  • Amazon Elastic Container Service (ECS) [both Fargate and EC2 launch types]
  • AWS Elastic Disaster Recovery
  • Amazon Elastic File System (EFS)
  • Amazon Elastic Kubernetes Service (EKS)
  • Elastic Load Balancing
  • Amazon Elastic MapReduce (EMR)
  • AWS Elemental MediaConnect
  • AWS Elemental MediaConvert
  • AWS Elemental MediaLive
  • AWS Firewall Manager
  • Amazon Forecast
  • Amazon FreeRTOS
  • Amazon FSx
  • AWS Global Accelerator
  • AWS Glue (including AWS Lake Formation)
  • AWS Glue DataBrew
  • Amazon GuardDuty
  • Amazon HealthLake
  • Amazon Inspector
  • AWS IoT Core
  • AWS IoT Device Management
  • AWS IoT Events
  • AWS IoT Greengrass
  • AWS IoT SiteWise
  • Amazon Kendra
  • AWS Key Management Service (KMS)
  • Amazon Keyspaces (For Apache Cassandra)
  • Amazon Kinesis Data Analytics
  • Amazon Kinesis Data Streams
  • Amazon Kinesis Data Firehose
  • Amazon Kinesis Video Streams
  • AWS Lambda
  • Amazon Lex
  • Amazon Location Service
  • Amazon Macie
  • AWS Mainframe Modernization
  • AWS Managed Services [excluding Operations on Demand Services, except for the RFC Expedite feature]
  • Amazon Managed Workflow for Apache Airflow
  • Amazon Managed Streaming for Apache Kafka
  • Amazon MemoryDB for Redis
  • Amazon MQ
  • Amazon Neptune
  • AWS Network Firewall
  • Amazon Omics
  • Amazon OpenSearch Service
  • AWS OpsWorks for Chef Automate
  • AWS OpsWorks for Puppet Enterprise
  • AWS OpsWorks Stacks
  • AWS Organizations
  • AWS Outposts
  • Amazon Personalize
  • Amazon Pinpoint [excluding Voice Message capabilities]
  • Amazon Polly
  • AWS Private Certificate Authority
  • Amazon Quantum Ledger Database (QLDB)
  • Amazon QuickSight
  • Amazon Rekognition
  • Amazon Redshift
  • Amazon Relational Database Service (Amazon RDS) [SQL Server, MySQL, Oracle, PostgreSQL, and MariaDB engines only]
  • AWS Resource Access Manager (RAM)
  • AWS RoboMaker
  • Amazon Route 53
  • Amazon S3 Glacier
  • Amazon SageMaker [excludes Studio Lab, Ground Truth Plus, Public Workforce and Vendor Workforce for all features]
  • AWS Secrets Manager
  • AWS Security Hub
  • AWS Service Catalog
  • AWS Serverless Application Repository
  • AWS Server Migration Service (SMS)
  • AWS Shield [Standard and Advanced]
  • Amazon Simple Email Service (Amazon SES)
  • Amazon Simple Notification Service (SNS)
  • Amazon Simple Queue Service (SQS)
  • Amazon Simple Storage Service (Amazon S3) [including S3 Transfer Acceleration]
  • Amazon Simple Workflow Service (SWF)
  • AWS Single Sign-On
  • AWS Snowball
  • AWS Snowball Edge
  • AWS Snowmobile
  • AWS Step Functions
  • AWS Storage Gateway
  • AWS Systems Manager
  • Amazon Textract
  • Amazon Timestream
  • Amazon Transcribe
  • AWS Transfer for SFTP
  • Amazon Translate
  • Amazon Virtual Private Cloud (VPC)
  • AWS Web Application Firewall (WAF)
  • AWS Wickr
  • Amazon WorkDocs [Excluding Adding Controls for Deleting Previous File Version Feature]
  • Amazon WorkLink
  • Amazon WorkSpaces
  • Amazon WorkSpaces Web
  • AWS X-Ray
  • VM Import/Export

NOTE: If you are a Covered Entity or Business Associate as defined by the Health Insurance Portability and Accountability Act of 1996 (as amended, “HIPAA”), you agree not to use these HIPAA Eligible Services for any purpose or in any manner involving Protected Health Information (as defined by HIPAA) without first entering into an AWS business associate agreement.

Last Updated: 2023-16-06

Get instant access to HIPAA Compliance News and Updates

You'll get your first checklist as soon as you sign up!

overlapping hands

Our Mission

To safeguard medical data by providing secure, reliable, and fully HIPAA-compliant hosting solutions, enabling healthcare professionals to focus on their primary mission of providing care.
CCG Logo
HIPAA Compliant Hosting
The premier choice for HIPAA Compliant Hosting services in the United States.
© HIPAA Compliant Hosting. All rights reserved.
linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram