Hacker News new | ask | show | jobs
by rficcaglia 3121 days ago
Where in the CFR does it say you have to use physical servers or even dedicated cloud instances? AWS will sign a BAA for dedicated instances only (biz policy, not for any valid security reason), but dedicated servers are not required by HIPAA.
1 comments
Merrack 3120 days ago
The requirement for dedicated instances was lifted earlier this year. See https://aws.amazon.com/blogs/apn/aws-hipaa-program-update-re... for more info.
link
rficcaglia 3112 days ago
Thank you! Slipped by my addictive refresh of What’s New!
link