using aws to meet requirements for hipaa, ferpa, and cjis | aws public sector summit 2016
TRANSCRIPT
![Page 1: Using AWS to Meet Requirements for HIPAA, FERPA, and CJIS | AWS Public Sector Summit 2016](https://reader035.vdocuments.mx/reader035/viewer/2022070516/586fdeee1a28ab18428b6daf/html5/thumbnails/1.jpg)
© 2016, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Scotty Ellis, Baylor College of Medicine, CCITJason Fischl, Vice President of Engineering, Remind
Bassam Amrou, Chief Information Officer, Sacramento County DA
Using AWS to Meet Requirements for HIPAA, FERPA & CJIS Compliance
Customer Perspectives
![Page 2: Using AWS to Meet Requirements for HIPAA, FERPA, and CJIS | AWS Public Sector Summit 2016](https://reader035.vdocuments.mx/reader035/viewer/2022070516/586fdeee1a28ab18428b6daf/html5/thumbnails/2.jpg)
© 2016, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Scotty Ellis, Baylor College of Medicine, CCIT
HIPAA Compliance & AWSA quick look followed by Q&A
![Page 3: Using AWS to Meet Requirements for HIPAA, FERPA, and CJIS | AWS Public Sector Summit 2016](https://reader035.vdocuments.mx/reader035/viewer/2022070516/586fdeee1a28ab18428b6daf/html5/thumbnails/3.jpg)
HIPAA Compliance & AWS: Passport For Care
![Page 4: Using AWS to Meet Requirements for HIPAA, FERPA, and CJIS | AWS Public Sector Summit 2016](https://reader035.vdocuments.mx/reader035/viewer/2022070516/586fdeee1a28ab18428b6daf/html5/thumbnails/4.jpg)
HIPAA Compliance & AWS
Key points:• Must sign BAA with AWS• Must setup separate infrastructure from non-BAA
covered infrastructure• Must use dedicated instances to meet requirements of
the BAA• Must pay the per-region cost of $2/hr if you use EC2• Recommended to work on FISMA doc concurrently (i.e.
System Security Plan and related controls)
![Page 5: Using AWS to Meet Requirements for HIPAA, FERPA, and CJIS | AWS Public Sector Summit 2016](https://reader035.vdocuments.mx/reader035/viewer/2022070516/586fdeee1a28ab18428b6daf/html5/thumbnails/5.jpg)
Thank You
![Page 6: Using AWS to Meet Requirements for HIPAA, FERPA, and CJIS | AWS Public Sector Summit 2016](https://reader035.vdocuments.mx/reader035/viewer/2022070516/586fdeee1a28ab18428b6daf/html5/thumbnails/6.jpg)
© 2016, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
FERPA Compliance & AWS
![Page 7: Using AWS to Meet Requirements for HIPAA, FERPA, and CJIS | AWS Public Sector Summit 2016](https://reader035.vdocuments.mx/reader035/viewer/2022070516/586fdeee1a28ab18428b6daf/html5/thumbnails/7.jpg)
![Page 8: Using AWS to Meet Requirements for HIPAA, FERPA, and CJIS | AWS Public Sector Summit 2016](https://reader035.vdocuments.mx/reader035/viewer/2022070516/586fdeee1a28ab18428b6daf/html5/thumbnails/8.jpg)
R E M I N D H A S A M I S S I O N
T O C O N N E C T E V E R Y
T E A C H E R , S T U D E N T A N D
P A R E N T I N T H E W O R L D
![Page 9: Using AWS to Meet Requirements for HIPAA, FERPA, and CJIS | AWS Public Sector Summit 2016](https://reader035.vdocuments.mx/reader035/viewer/2022070516/586fdeee1a28ab18428b6daf/html5/thumbnails/9.jpg)
O V E R 3 5 M I L L I O N T E A C H E R S , S T U D E N T S A N D PA R E N T S
WITH ACTIVE TEACHERS IN 50% OF K-12 SCHOOLS
![Page 10: Using AWS to Meet Requirements for HIPAA, FERPA, and CJIS | AWS Public Sector Summit 2016](https://reader035.vdocuments.mx/reader035/viewer/2022070516/586fdeee1a28ab18428b6daf/html5/thumbnails/10.jpg)
T E A C H E R - O B S E S S I O N S I M P L I C I T Y S A F E T Y A C C E S S
O U R A P P R O A C H
![Page 11: Using AWS to Meet Requirements for HIPAA, FERPA, and CJIS | AWS Public Sector Summit 2016](https://reader035.vdocuments.mx/reader035/viewer/2022070516/586fdeee1a28ab18428b6daf/html5/thumbnails/11.jpg)
4 0 0 , 0 0 0 u s e r s p e r
d a y
F r o m 5 0 M t o 2 0 0 M m e s s a g e s
p e r m o n t h
S t e p -f u n c t i o n
i n c r e a s e i n A u g u s t
O U R C H A L L E N G E I S B A C K T O S C H O O L G R O W T H
![Page 12: Using AWS to Meet Requirements for HIPAA, FERPA, and CJIS | AWS Public Sector Summit 2016](https://reader035.vdocuments.mx/reader035/viewer/2022070516/586fdeee1a28ab18428b6daf/html5/thumbnails/12.jpg)
R E D S H I F T S 3 C L O U D F R O N T
W e M a n a g e B a c k - t o -
s c h o o l w i t h A W S
![Page 13: Using AWS to Meet Requirements for HIPAA, FERPA, and CJIS | AWS Public Sector Summit 2016](https://reader035.vdocuments.mx/reader035/viewer/2022070516/586fdeee1a28ab18428b6daf/html5/thumbnails/13.jpg)
E C S
E C 2 C L O U D F O R M A T I O N C L O U D W A T C H
D Y N A M O D B R O U T E 5 3 K I N E S I S
R D S
R E D S H I F T S 3 C L O U D F R O N T
W e M a n a g e B a c k - t o -
s c h o o l w i t h A W S
![Page 14: Using AWS to Meet Requirements for HIPAA, FERPA, and CJIS | AWS Public Sector Summit 2016](https://reader035.vdocuments.mx/reader035/viewer/2022070516/586fdeee1a28ab18428b6daf/html5/thumbnails/14.jpg)
I N T E R N E T
V I R T U A L P R I V A T E C L O U D
ROUTER(NGINX)
D A S H B O A R D
A P I
F I L E S
X X
C O N T A I N E R S
C O N T A I N E R S
C O N T A I N E R S
C O N T A I N E R S
R O U T E 5 3
M O N O L I T H I C T O M I C R O S E R V I C E S
![Page 15: Using AWS to Meet Requirements for HIPAA, FERPA, and CJIS | AWS Public Sector Summit 2016](https://reader035.vdocuments.mx/reader035/viewer/2022070516/586fdeee1a28ab18428b6daf/html5/thumbnails/15.jpg)
© 2016, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
CJIS Compliance & AWS
![Page 16: Using AWS to Meet Requirements for HIPAA, FERPA, and CJIS | AWS Public Sector Summit 2016](https://reader035.vdocuments.mx/reader035/viewer/2022070516/586fdeee1a28ab18428b6daf/html5/thumbnails/16.jpg)
Criminal
Justice
Information
Services
![Page 17: Using AWS to Meet Requirements for HIPAA, FERPA, and CJIS | AWS Public Sector Summit 2016](https://reader035.vdocuments.mx/reader035/viewer/2022070516/586fdeee1a28ab18428b6daf/html5/thumbnails/17.jpg)
What is CJIS?CJIS is a minimum set of security requirements to access the FBI Criminal Justice Information services (CJIS). It is a shared responsibility of the lawful use and appropriate protection of CJI
This security requirement is associated with the:• Creation• Viewing• Modification• Transmission• Dissemination• Storage• Destruction
![Page 18: Using AWS to Meet Requirements for HIPAA, FERPA, and CJIS | AWS Public Sector Summit 2016](https://reader035.vdocuments.mx/reader035/viewer/2022070516/586fdeee1a28ab18428b6daf/html5/thumbnails/18.jpg)
Conceptual Diagram
![Page 19: Using AWS to Meet Requirements for HIPAA, FERPA, and CJIS | AWS Public Sector Summit 2016](https://reader035.vdocuments.mx/reader035/viewer/2022070516/586fdeee1a28ab18428b6daf/html5/thumbnails/19.jpg)
Conceptual Diagram
![Page 20: Using AWS to Meet Requirements for HIPAA, FERPA, and CJIS | AWS Public Sector Summit 2016](https://reader035.vdocuments.mx/reader035/viewer/2022070516/586fdeee1a28ab18428b6daf/html5/thumbnails/20.jpg)
Thank You