Amazon SQS Multiple HIPAA Rental and Compliance

Question

Amazon SQS Multiple HIPAA Rental and Compliance

I am going to implement a client / server application - 1 server - [0-N] clients.

To organize the connection between clients and the server, I plan to use Amazon SQS or something like that.

Now I have two questions:

Is Amazon SQS HIPAA compatible?

How do I organize multi-tenant support based on Amazon SQS queues?

Data between clients should not be shared. Each client can only deal with data that was sent only for that client.

Can I implement Aazon SQS in a single queue or do I need to create a separate queue for each client?

+4

amazon-web-services amazon-sqs message-queue hipaa

alexanoid Aug 25 '15 at 9:38

source share

4 answers

, , , , . , "" , , , - . , , , .

+4

E.J. Brennan 25 . '15 13:32

, Amazon HIPAA: https://aws.amazon.com/compliance/hipaa-compliance/

, ( ) SQS , AWS HIPAA. AWS, HIPAA, PHI. , , PHI SQS , RabitMQ ActiveMQ, EC2.

+4

Mark B 25 . '15 14:56

HIPAA, :

"" ( S3).
" " .

PHI db S3, Rob. , S3 . . S3.

- AWS-, HIPAA, PHI .

+1

Denis Wang 16 . '17 20:22

Rob · Accepted Answer · 2017-02-16T16:33:00+0000

Regarding HIPAA and SQS: although your BAA with AWS probably does not allow you to use SQS for PHI, it probably allows you to use S3 (but don’t take my word for it, look in your BAA to be sure).

If so, you can put your payload (PHI) in an (encrypted) S3 file and send an SQS message that refers to the S3 key. When you process the SQS message, you can take the S3 file and process it by deleting the message and / or file as needed.

There is even an “advanced” SQS client that you can use to handle this magic for you.

S3, , . , , . , , S3. PHI S3, BAA SQS.

Amazon SQS Multiple HIPAA Rental and Compliance

More articles: