By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

Is there any documentation on how AWS Bedrock can be HIPAA eligible in more detail?

0

I have found documentation that AWS that Bedrock has achieved HIPAA eligibility https://aws.amazon.com/about-aws/whats-new/2023/09/amazon-bedrock-generally-available/

Does that mean the instance of LLMs Bedrock is running and is within AWS walls and has been altered to make sure data that goes to the LLM doesn't get saved or shared to other customers?

Topics
Security, Identity, & ComplianceMachine Learning & AIGenerative AI on AWS
Tags
Security, Identity, & ComplianceAmazon BedrockGenerative AI on AWS
Language
English
john
asked 3 months ago626 views
1 Answer
1
Accepted Answer

Hi John

You're right in that data doesn't leave the AWS service or go back to the model vendor. To quote the documentation:

"Each model provider has an escrow account that they upload their models to. The Amazon Bedrock inference account has permissions to call these models, but the escrow accounts themselves don't have outbound permissions to Amazon Bedrock accounts. Additionally, model providers don't have access to Amazon Bedrock logs or access to customer prompts and continuations."

There is also this resource for compliance validation.

Hopefully this helps!

JamesM
answered 3 months ago
profile pictureAWS
EXPERT
Didier_Durand
reviewed 3 months ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content