[r0b05]

Which AWS option did you have to use? Self managed or their propriety HIPAA offerings? Did they have to provide a Business Associate's Agreement?

Sorry for all the questions, this HIPAA compliance is confusing and using turnkey solutions seems to be expensive.

[littlesnailcs]

We managed it ourselves. My opinion is, if you have a clear infrastructure defined, like migrate from on-premises to the cloud, it makes sense to use their predefined infrastructure (not sure if there is a price difference). If you are still in the ideation stage, not clear what to build yet, just follow the best practices when you create new components (https://github.com/aws-quickstart/quickstart-compliance-hipa...), you can sign a BAA from aws artifact for your account.

[r0b05]

Appreciate the response.