Approaching HIPAA Compliance

Ikigai utilizes a variety of tools and services to maintain HIPAA compliance in our cloud-native AI platform for data operators

HIPAA Compliance Overview

  • Access control
  • Encryption in transit
  • Encryption at rest
  • Activity logs
  • Audit controls

Tools used for HIPAA Compliance

Encryption in transit

Figure 1. Linkerd service mesh provides mTLS
Table 1. Linkerd service mesh encryption overview

Logging

Figure 2. AWS CloudTrail aggregates external and intra-service API calls
Table 2. AWS CloudTrail logging overview

Access Control

Table 3. IAM and Terraform overview

Encryption at rest

Figure 3. KMS encryption of plaintext
Table 4. AWS Key Management System overview

Automating compliance checks

Table 5. AWS Config for on-going compliance checks

Conclusion

About the Author

Camil Blanchet (Software Engineer — Cloud architect)

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Ikigai Labs

The only operational BI platform that turns actionable insights into insightful actions.