blocks|key|2326751|text|最近的答案发生了变化。根据RDS的文档/常见问题，RDS现在符合HIPAA：|type|unstyled|depth|inlineStyleRanges|entityRanges|data|2326752|如果我有一个带有AWS的BAA，我可以在我的AWS帐户中使用什么服务？
客户可以在指定为HIPAA帐户的帐户中使用任何AWS服务，但他们只应该在BAA中定义的符合条件的服务中处理、存储和传输PHI。目前有9种符合标准的服务，包括亚马逊DynamoDB、亚马逊EBS、亚马逊EC2、亚马逊弹性MapReduce+(EMR)、亚马逊弹性负载均衡器(ELB)、亚马逊冰川、亚马逊关系数据库服务(+Amazon+Relational+Database+Service+)+MySQL和甲骨文引擎、亚马逊Redshift和亚马逊S3。|blockquote|offset|length|style|BOLD|2326753|来源|2326754|entityMap|0|LINK|mutability|MUTABLE|url|https://aws.amazon.com/compliance/hipaa-compliance/#What_Services_Can_I_Use_in_My_AWS_Account_if_I_Have_a_BAA_with_AWS?^0|0|53|27|0|0|2|0|2|0|0^^$0|@$1|2|3|4|5|6|7|S|8|@]|9|@]|A|$]]|$1|B|3|C|5|D|7|T|8|@$E|U|F|V|G|H]]|9|@]|A|$]]|$1|I|3|J|5|6|7|W|8|@$E|X|F|Y|G|H]]|9|@$E|Z|F|10|1|11]]|A|$]]|$1|K|3|-4|5|6|7|12|8|@]|9|@]|A|$]]]|L|$M|$5|N|O|P|A|$Q|R]]]]

The answer just recently changed. RDS is now HIPAA compliant, per their documentation/FAQ:
<blockquote>
What Services Can I Use in My AWS Account if I Have a BAA with AWS?
Customers may use any AWS service in an account designated as a HIPAA account, but they should only process, store and transmit PHI in the HIPAA-eligible services defined in the BAA. There are nine HIPAA-eligible services today, including Amazon DynamoDB, Amazon EBS, Amazon EC2, Amazon Elastic MapReduce (EMR), Amazon Elastic Load Balancer (ELB), Amazon Glacier, Amazon Relational Database Service (RDS) [MySQL and Oracle engines], Amazon Redshift, and Amazon S3.
</blockquote>
<a href="https://aws.amazon.com/compliance/hipaa-compliance/#What_Services_Can_I_Use_in_My_AWS_Account_if_I_Have_a_BAA_with_AWS?" rel="noreferrer">Source</a>

blocks|key|1028964|text|@Dang|type|unstyled|depth|inlineStyleRanges|entityRanges|data|1028965|没有AWS官方文档表明RDS可以使HIPAA兼容。相反，EC2、S3和EBS是已知的服务。使AWS服务符合HIPAA的方法如下：|1028966|客户必须将BAA覆盖的每个帐户标识为“HIPAA帐户”。|unordered-list-item|1028967|客户只能在EC2、S3和EBS上处理、存储或传输PHI。|1028968|客户必须对PHI数据使用专用实例-+http://aws.amazon.com/dedicated-instances/。|offset|length|1028969|客户必须使用VPC。|1028970|客户必须按照一定的最低加密标准加密所有PHI。|1028971|客户可以在其“HIPAA帐户”中使用任何AWS服务来获取非PHI的数据。|1028972|因此，要从AWS获得BAA协议，您需要运行在VPC中的专用实例，而不是“经典”EC2。(从一开始，专用实例的定价就下降了很多。)|1028973|我不能肯定地评论RDS。我所知道的RDS可以非常安全，通过端口443使用SSL。|1028974|我的建议是，如果你是一个授权的AWS客户，请与AWS客户服务主管沟通，因为他们是验证我的答案的最佳人选。|1028975|谢谢|1028976|entityMap|0|LINK|mutability|MUTABLE|url|http://aws.amazon.com/dedicated-instances/^0|0|0|0|0|I|16|0|0|0|0|0|0|0|0|0^^$0|@$1|2|3|4|5|6|7|18|8|@]|9|@]|A|$]]|$1|B|3|C|5|6|7|19|8|@]|9|@]|A|$]]|$1|D|3|E|5|F|7|1A|8|@]|9|@]|A|$]]|$1|G|3|H|5|F|7|1B|8|@]|9|@]|A|$]]|$1|I|3|J|5|F|7|1C|8|@]|9|@$K|1D|L|1E|1|1F]]|A|$]]|$1|M|3|N|5|F|7|1G|8|@]|9|@]|A|$]]|$1|O|3|P|5|F|7|1H|8|@]|9|@]|A|$]]|$1|Q|3|R|5|F|7|1I|8|@]|9|@]|A|$]]|$1|S|3|T|5|6|7|1J|8|@]|9|@]|A|$]]|$1|U|3|V|5|6|7|1K|8|@]|9|@]|A|$]]|$1|W|3|X|5|6|7|1L|8|@]|9|@]|A|$]]|$1|Y|3|Z|5|6|7|1M|8|@]|9|@]|A|$]]|$1|10|3|-4|5|6|7|1N|8|@]|9|@]|A|$]]]|11|$12|$5|13|14|15|A|$16|17]]]]

@Dang

There is no AWS offical documentation that says RDS can be made HIPAA compliant. Instead EC2, S3 and EBS are known services. The way to get HIPAA compliant for your AWS services follow this:

<ul>
<li>Customers must identify to AWS each account to be covered by the BAA
as a 'HIPAA Account'.</li>
<li>Customers may process, store or transmit PHI only on EC2, S3 and EBS.</li>
<li>Customers must use Dedicated instances for PHI data -
<a href="http://aws.amazon.com/dedicated-instances/" rel="nofollow noreferrer">http://aws.amazon.com/dedicated-instances/</a></li>
<li>Customers must use VPC</li>
<li>Customers must encrypt all PHI in accordance with certain minimum
encryption standards</li>
<li>Customers may use any AWS service in their 'HIPAA Account' for data
that is not PHI</li>
</ul>

So, to get a BAA agreement from AWS you'll need dedicated instances running in a VPC, not the "classic" EC2. (Pricing for dedicated instances has come down a lot since the very beginning.)

I cannot comment about RDS for sure. What I know RDS can be made quite secure, using SSL over port 443. 

What I suggest that If you are an authorized AWS customer, speak to AWS customer care executive as they are the best to validate my answer.

Thanks

blocks|key|2326788|text|引用2015年12月发布的白皮书(以下链接)，一旦签署业务关联协议并指定帐户为"HIPAA帐户“，Oracle的Amazon和Mysql的Amazon可根据HIPAA标准使用。|type|unstyled|depth|inlineStyleRanges|entityRanges|data|2326789|链接到白皮书-+Whitepaper.pdf|offset|length|2326790|entityMap|0|LINK|mutability|MUTABLE|url|https://d0.awsstatic.com/whitepapers/compliance/AWS_HIPAA_Compliance_Whitepaper.pdf^0|0|8|E|0|0^^$0|@$1|2|3|4|5|6|7|N|8|@]|9|@]|A|$]]|$1|B|3|C|5|6|7|O|8|@]|9|@$D|P|E|Q|1|R]]|A|$]]|$1|F|3|-4|5|6|7|S|8|@]|9|@]|A|$]]]|G|$H|$5|I|J|K|A|$L|M]]]]

Quoting the whitepaper released by Amazon Web Services on December 2015 (link mentioned below )
Amazon RDS for Oracle and Amazon RDS for Mysql are available for use under HIPAA standards once you sign an Business associate agreement and your account is designated as an "HIPAA account" 
Link to the white paper - <a href="https://d0.awsstatic.com/whitepapers/compliance/AWS_HIPAA_Compliance_Whitepaper.pdf" rel="nofollow">https://d0.awsstatic.com/whitepapers/compliance/AWS_HIPAA_Compliance_Whitepaper.pdf</a>

blocks|key|2326845|text|Amazon是一个AWS+HIPAA-合格服务，意思是它可以与|type|unstyled|depth|inlineStyleRanges|entityRanges|offset|length|data|2326846|为了在AWS中兼容HIPAA，您的团队必须执行以下操作：|2326847|与AWS签署商业联合协议(BAA)。此协议概述了云提供商和云客户之间共享的HIPAA安全责任。|ordered-list-item|2326848|采取适当的行政政策和程序|2326849|为单个云服务(如RDS、EC2和S3+)实现所有必要的安全配置。安全标准包括围绕加密、备份和灾难恢复以及访问控制配置安全措施。|2326850|您可以看看这个以符合HIPAA的方式使用Amazon指南。|2326851|entityMap|0|LINK|mutability|MUTABLE|url|https://aws.amazon.com/compliance/hipaa-eligible-services-reference/|1|https://www.dashsdk.com/docs/aws/hipaa/amazon-rds/^0|9|E|0|0|0|0|0|0|7|J|1|0^^$0|@$1|2|3|4|5|6|7|Y|8|@]|9|@$A|Z|B|10|1|11]]|C|$]]|$1|D|3|E|5|6|7|12|8|@]|9|@]|C|$]]|$1|F|3|G|5|H|7|13|8|@]|9|@]|C|$]]|$1|I|3|J|5|H|7|14|8|@]|9|@]|C|$]]|$1|K|3|L|5|H|7|15|8|@]|9|@]|C|$]]|$1|M|3|N|5|6|7|16|8|@]|9|@$A|17|B|18|1|19]]|C|$]]|$1|O|3|-4|5|6|7|1A|8|@]|9|@]|C|$]]]|P|$Q|$5|R|S|T|C|$U|V]]|W|$5|R|S|T|C|$U|X]]]]

Amazon RDS is an <a href="https://aws.amazon.com/compliance/hipaa-eligible-services-reference/" rel="nofollow noreferrer">AWS HIPAA-Eligible Service</a> meaning that it can be used with 

In order to be HIPAA compliant in AWS, your team must do the following:

<ol>
<li>Sign a Business Associates Agreement (BAA) with AWS. This agreement outlines the HIPAA security responsibilities shared between the cloud provider and the cloud customer </li>
<li>Adopt appropriate administrative policies and procedures</li>
<li>Implement all necessary security configuration for individual cloud services, such as RDS, EC2, and S3. Security standards include configuring safeguards around encryption, backup and disaster recovery, and access control.</li>
</ol>

You can take a look at this guide to <a href="https://www.dashsdk.com/docs/aws/hipaa/amazon-rds/" rel="nofollow noreferrer">utilizing Amazon RDS in a HIPAA compliant manner</a>.

I'm planning to have Oracle on AWS.

Is Oracle RDS HIPAA compliant? How can I make it HIPAA compliant?

AWS RDS - HIPAA compliant?

翻译质量差，导致语言生硬或混乱。

没有提供实际的解决方法或示例。

解答不清晰，无法理解或解决问题。

页面排版不美观，阅读体验差。

文章

问答

视频

教程

学习中心

腾讯云实验室

直播

竞赛

腾讯云代码分析专区

腾讯iOA零信任安全管理系统专区

腾讯云架构师技术同盟交流圈

腾讯云数据库专区

腾讯云智能顾问专区

腾讯云原生专区

腾讯混元专区

腾讯云TCE专区

腾讯云Lighthouse专区

腾讯云HAI专区

腾讯云Edgeone专区

腾讯云存储专区

腾讯云智能专区

腾讯轻联专区 

腾讯云开发专区

TAPD专区

腾讯轻量云游戏服专区

腾讯云最具价值专家

腾讯云架构师技术同盟

腾讯云创作之星

腾讯云开发者先锋

腾讯云AI代码助手

云原生构建

TAPD 敏捷项目管理

Cloud Studio

SDK中心

API中心

命令行工具

功能1上新10个字符

功能2描述100个字符功能2描述100个字符功能2描述100个字符功能2描述100个字符功能2描述100个字符功能2描述100个字符功能2描述100个字符功能2描述100个字符功能2描述100个字符。

功能2上新100个字符功能2上新100个字符功能2上新100个字符功能2上新100个字符功能2上新100个字符功能2上新100个字符功能2上新100个字符功能2上新100个字符功能2上新100个字符。

功能5描述100个字符功能5描述100个字符功能5描述100个字符功能5描述100个字符功能5描述100个字符功能5描述100个字符

功能5上新100个字符功能5上新100个字符功能5上新100个字符功能5上新100个字符功能5上新100个字符功能5上新100个字符功能5上新100个字符功能5上新100个字符功能5上新100个字符功能5上新100个字符

功能4上新

文章&问答评论现已支持表情

全新交互，全新视觉，新增快捷键、悬浮工具栏、高亮块等功能并同时优化现有功能，全面提升创作效率和体验

社区富文本编辑器全新改版！诚邀体验～ 

精选全网热门MCP server，让你的AI更好用 🚀

💥开发者 MCP广场重磅上线！

涵盖代码开发、场景应用、自动测试全流程，助你从零构建专属AI助手

一站式MCP教程库，解锁AI应用新玩法

聚焦“写作效率、视觉美观与运行性能”三方面进行全面升级，为您提供更高效、稳定的创作环境

社区富文本&Markdown编辑器全新改版上线，欢迎大家体验!

诚挚邀请您参与本次调研，分享您的真实使用感受与建议。您的反馈至关重要，感谢您的支持与参与！

社区新版编辑器体验调研

我计划让甲骨文在AWS上。Oracle RDS HIPAA兼容吗？如何使它符合HIPAA？

问符合AWS RDS - HIPAA吗？
EN

回答 4

Stack Overflow用户

Stack Overflow用户

Stack Overflow用户

社区

活动

圈层

关于

腾讯云开发者

热门产品

热门推荐

更多推荐

问符合AWS RDS - HIPAA吗？EN

回答 4

Stack Overflow用户

Stack Overflow用户

Stack Overflow用户

社区

活动

圈层

关于

腾讯云开发者

热门产品

热门推荐

更多推荐

问符合AWS RDS - HIPAA吗？
EN