[technics256]

Interesting, haven't heard of this. Always figured aws and gcp were ahead of azure in terms of Healthcare

[fishpen0]

They are, so I want to smash my face in once a month or so when this boogeyman is dragged up out of hell during executive calls

[kstrauser]

AWS is fine for building out HIPAA services. They have a decent portal at https://aws.amazon.com/compliance/hipaa-compliance/ explaining their compliance, which services you can use, and how to get them to sign a Business Associate Agreement (BAA).

I haven't done healthcare stuff in GCP or Azure so I can't compare, but AWS is _not_ a blocker for HIPAA.

[FireBeyond]

> I haven't done healthcare stuff in GCP

My understanding is that Google will not agree to any of the liability provisions inherent to a BAA, no matter how large your size.

[kstrauser]

Someone else linked to https://cloud.google.com/security/compliance/hipaa which says:

> Google will enter into Business Associate Agreements with customers as necessary under HIPAA.

Huh! That's a pleasant surprise.

[selinkocalar]

I've heard that that page is outdated and instead if you sign into G Suite as an admin, go to the admin console (admin.google.com/ac/companyprofile/legal) and then go to "Security and Privacy Additional Terms" you can review sign a BAA.

[robertlagrant]

They're ahead technically, but, for example, Microsoft has its claws in a lot of the NHS in the UK.