Embed Size (px)
Citation preview
© 2016, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Scotty Ellis, Baylor College of Medicine, CCITJason Fischl, Vice President of Engineering, Remind
Bassam Amrou, Chief Information Officer, Sacramento County DA
Using AWS to Meet Requirements for HIPAA, FERPA & CJIS Compliance
Customer Perspectives
© 2016, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Scotty Ellis, Baylor College of Medicine, CCIT
HIPAA Compliance & AWSA quick look followed by Q&A
HIPAA Compliance & AWS: Passport For Care
HIPAA Compliance & AWS
Key points:• Must sign BAA with AWS• Must setup separate infrastructure from non-BAA
covered infrastructure• Must use dedicated instances to meet requirements of
the BAA• Must pay the per-region cost of $2/hr if you use EC2• Recommended to work on FISMA doc concurrently (i.e.
System Security Plan and related controls)
Thank You
© 2016, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
FERPA Compliance & AWS
R E M I N D H A S A M I S S I O N
T O C O N N E C T E V E R Y
T E A C H E R , S T U D E N T A N D
P A R E N T I N T H E W O R L D
O V E R 3 5 M I L L I O N T E A C H E R S , S T U D E N T S A N D PA R E N T S
WITH ACTIVE TEACHERS IN 50% OF K-12 SCHOOLS
T E A C H E R - O B S E S S I O N S I M P L I C I T Y S A F E T Y A C C E S S
O U R A P P R O A C H
4 0 0 , 0 0 0 u s e r s p e r
d a y
F r o m 5 0 M t o 2 0 0 M m e s s a g e s
p e r m o n t h
S t e p -f u n c t i o n
i n c r e a s e i n A u g u s t
O U R C H A L L E N G E I S B A C K T O S C H O O L G R O W T H
R E D S H I F T S 3 C L O U D F R O N T
W e M a n a g e B a c k - t o -
s c h o o l w i t h A W S
E C S
E C 2 C L O U D F O R M A T I O N C L O U D W A T C H
D Y N A M O D B R O U T E 5 3 K I N E S I S
R D S
R E D S H I F T S 3 C L O U D F R O N T
W e M a n a g e B a c k - t o -
s c h o o l w i t h A W S
I N T E R N E T
V I R T U A L P R I V A T E C L O U D
ROUTER(NGINX)
D A S H B O A R D
A P I
F I L E S
X X
C O N T A I N E R S
C O N T A I N E R S
C O N T A I N E R S
C O N T A I N E R S
R O U T E 5 3
M O N O L I T H I C T O M I C R O S E R V I C E S
© 2016, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
CJIS Compliance & AWS
Criminal
Justice
Information
Services
What is CJIS?CJIS is a minimum set of security requirements to access the FBI Criminal Justice Information services (CJIS). It is a shared responsibility of the lawful use and appropriate protection of CJI
This security requirement is associated with the:• Creation• Viewing• Modification• Transmission• Dissemination• Storage• Destruction
Conceptual Diagram
Conceptual Diagram
Thank You
