GDPR Compliance on Healthlake

0

We are trying to build a health lake and considering to leverage Amazon health lake, However our security team would like to confirm that Healthlake offers GDPR Compliance. In specific right to be forgotten requests. I dont see any specific documentation around this. Can you please let us know how AWS supports this

2 Respostas
0
Resposta aceita

Yes. HL is GDPR compliant. using the delete API customers can logically delete the patient data entry in HL, which is then deleted from the media as part of the recurring job. Its a soft delete but thereafter it is deleted from media (3-13 days SLA)

AWS
respondido há 10 meses
0

Hi,

On your very specific question, you should analyze S3 Find & Forget: https://aws.amazon.com/blogs/big-data/handling-data-erasure-requests-in-your-data-lake-with-amazon-s3-find-and-forget/

You should also go to AWS Artifact on your AWS console and download reports related to GDPR: https://aws.amazon.com/artifact/

Then, you should also go to AWS GDPR Center: https://aws.amazon.com/compliance/gdpr-center/ and download this extensive wp about GDPR: https://docs.aws.amazon.com/pdfs/whitepapers/latest/navigating-gdpr-compliance/navigating-gdpr-compliance.pdf

You may also want to review the Shared Security Model to see how AWS services help you achieve GDPR compliance: https://aws.amazon.com/compliance/shared-responsibility-model/

Best,

Didier

profile pictureAWS
ESPECIALISTA
respondido há 10 meses
profile picture
ESPECIALISTA
avaliado há 10 meses

Você não está conectado. Fazer login para postar uma resposta.

Uma boa resposta responde claramente à pergunta, dá feedback construtivo e incentiva o crescimento profissional de quem perguntou.

Diretrizes para responder a perguntas