Amazon ElastiCache
User Guide (API Version 2015-02-02)

HIPAA Compliance for Amazon ElastiCache for Redis

You can find information about Amazon ElastiCache for Redis requirements for HIPAA compliance at ElastiCache for Redis HIPAA Requirements. There is no additional charge beyond the normal ElastiCache for Redis charges for making your cluster HIPAA-compliant.

The AWS HIPAA compliance program includes Amazon ElastiCache for Redis as a HIPAA Eligible Service. If you have an executed Business Associate Agreement (BAA) with AWS, you can use Amazon ElastiCache for Redis to build your HIPAA-compliant applications containing protected health information (PHI). For more information, see HIPAA Compliance. AWS Services in Scope have been fully assessed by a third-party auditor and result in a certification, attestation of compliance, or Authority to Operate (ATO). For more information, see AWS Services in Scope by Compliance Program.

ElastiCache for Redis HIPAA Requirements

To enable HIPAA support on your ElastiCache for Redis cluster, in addition to executing the BAA, your cluster and nodes within the cluster must satisfy the following requirements:

When you have created a compliant ElastiCache for Redis cluster, you can start storing PHI. If you want, you can seed the new cluster with data from an existing cluster. For more information, see the following:

For general information about AWS Cloud and HIPAA compliance, see the following: