Tag: compliance

In this post, we demonstrate how to use the advanced malware detection features of Amazon GuardDuty to uncover malicious and suspicious files compromising your Amazon Elastic Compute Cloud (Amazon EC2) instances. We use the investigative capabilities of Amazon Detective to gain deeper insights into the security event. After the key questions about the security event are addressed, we outline steps to remediate the potentially compromised EC2 instance.

In this blog, we will guide you through the process of setting up a secure multi-account AWS environment using AWS Control Tower, AWS IAM Identity Center, AWS Organizations and will show you how to secure your environment using AWS Config, AWS Security Hub, and Amazon GuardDuty.

Connecting for Better Health (C4BH) is a nonprofit coalition focused on advancing health and social services data sharing to improve the overall health of Californians. To support this mission, AWS has awarded the 2024-2025 AWS IMAGINE Grant: Go Further, Go Faster to C4BH for their Data Exchange Framework (DxF) Community Sandbox. This grant is part of an AWS initiative to empower nonprofit organizations using technology to address global challenges and will provide vital support to enhance health and social services data sharing efforts across healthcare and social service partners.

As more and more healthcare companies use their data to remain competitive, protecting patient data is as critical than ever. With increasing adoption of AI/ML models in healthcare, making sure that these technologies comply with privacy regulations such as HIPAA and GDPR has become a top priority. Amazon Bedrock is a fully managed service that provides unified access to a diverse selection of high-performance foundation models from industry-leading AI companies. In this post, we walk you through the importance of healthcare data privacy and how to use Amazon Bedrock Guardrails to safeguard sensitive information in AI-driven healthcare solutions.

Amazon Web Services (AWS) is pleased to announce that AWS Marketplace has received “Awardable” status in the Department of Defense (DoD) Platform One (P1) Solutions Marketplace. This designation enables DoD organizations to readily access and procure solutions through AWS Marketplace using established acquisition pathways.

In an increasingly digital world, governments and public sector entities are seeking secure and efficient ways to use cloud technologies. As we’ve innovated and expanded the Amazon Web Services (AWS) Cloud, we continue to prioritize making sure customers are in control and able to meet their national regulatory requirements. In this post, we share how AWS is collaborating with national cyber regulators and other public sector entities to enable secure adoption of the AWS Cloud across countries’ public sectors.

This post explores the architectural design and security concepts employed by Radboud University Medical Center Nijmegen (Radboudumc) to build a secure artificial intelligence (AI) runtime environment on Amazon Web Services (AWS). Business leaders dealing with sensitive or regulated data will find this post invaluable because it demonstrates a proven approach to using the power of AI while maintaining strict data privacy and security standards.

Global leaders are convening in Germany this week at the annual Munich Security Conference (MSC) to discuss key foreign policy and security challenges. Amid these discussions, one thing is clear: global leadership increasingly hinges on technological progress. In particular, the rapid progress of artificial intelligence (AI) presents an extraordinary opportunity for transformative innovation. For the U.S. government, this moment marks a crucial inflection point: embrace bold modernization of digital infrastructure and AI investment or risk being outpaced by global competitors.

Public sector organizations face stringent compliance requirements, and any unauthorized access to protected health information (PHI) or personal identifiable information (PII) can result in legal penalties and reputational damage. This post aims to demonstrate how public sector customers can develop a fine-grained authorization module using Amazon Web Services (AWS) identity services, extending beyond the capabilities of traditional role-based access control (RBAC), so they can achieve compliance objectives.

Data Review & Transfer Component (DRTC) on Amazon Web Services (AWS) provides a seamless solution to review, approve, and automate sensitive data transfer requests into and out of secure enclaves. In this post, we take you through the benefits of using DRTC to review data and other research artifacts for sensitivity prior to transfer into and out of these secure environments, in particular Trusted Research Environments (TREs).