Update on March 13, 2019: The AWS Region in Paris is now certified.
At AWS, the security, privacy, and protection of customer data always comes first, which is why I am pleased to share the news that AWS has achieved “Hébergeur de Données de Santé” (HDS) certification. With HDS certification, customers and partners who host French Personal Health Information (PHI) are now able to use AWS services to store and process personal health data. The HDS certificate for AWS can be found in AWS Artifact.
Introduced by the French governmental agency for health, “Agence Française de la Santé Numérique” (ASIP Santé), HDS certification aims to strengthen the security and protection of personal health data. Achieving this certification demonstrates that AWS provides a framework for technical and governance measures to secure and protect personal health data, governed by French law. The HDS certification validates that AWS ensures data confidentiality, integrity, and availability to its customers and partners. AWS worked with Bureau Veritas, an independent third-party auditor, to achieve the certification.
By adopting the AWS cloud, hospitals, health insurance companies, researchers, and other organizations processing personal health data, will be able to improve agility and collaboration, increase experimentation, and foster innovation in order to provide the best possible patient care. The HDS certification currently covers two AWS Regions in Europe (Ireland and Frankfurt), and this will be followed by the AWS Region in Paris, which is planned for the second quarter of 2019.
HDS certification adds to the list of internationally recognized certifications and attestations of compliance for AWS, which include ISO 27017 for cloud security, ISO 27018 for cloud privacy, SOC 1, SOC 2, SOC 3, and PCI DSS (Level 1). You can learn more about AWS HDS certification and other compliance certifications and accreditations here.
Want more AWS Security how-to content, news, and feature announcements? Follow us on Twitter.