HIPAA BAA applied to all accounts?


Hi, once the BAA is signed at the organization level, does it get applied to all:



IAM roles?

service accounts?

Basically applied everywhere?

Thank you

2 Answers

Refer to this blog post, which answers exactly the questions asked and provides more details on shared responsibility.

AWS
answered 4 days ago


AFAIK, the AWS Business Associate Addendum (BAA) covers all accounts in your AWS Organization. It applies to all IAM users, roles, and service accounts within these accounts. Only AWS HIPAA-eligible services are covered by the BAA. You must activate HIPAA-eligible services in AWS Artifact for each relevant account. While the BAA provides coverage, you're still responsible for proper configuration and HIPAA compliance. AWS recommends using separate accounts for PHI and non-PHI workloads.

Hope it helps.

answered 4 days ago
reviewed 4 days ago
