AWS launches new healthcare-specific accelerator
Photo: AWS
Amazon Web Services this past week announced its Landing Zone Accelerator for Healthcare.
WHY IT MATTERS
In an Amazon blog post, Donny Wilson, global security and compliance senior solutions architect at AWS, explained how the LZA for Healthcare is an industry-specific deployment of the company's existing Landing Zone Accelerator.
The LZA for Healthcare is a set of configuration files focused on further meeting the needs of healthcare-affiliated organizations. The LZA for Healthcare can help reduce the effort and complexity involved in supporting healthcare compliance efforts.
The aim is to provide a "comprehensive no-code solution across more than 35 AWS services and features to manage and govern a multi-account environment," said Wilson. "The LZA is built to support customers with highly-regulated workloads and complex compliance requirements."
The LZA for Healthcare can help healthcare organizations around the world align security controls with prominent international frameworks, he said, including HIPAA, Cloud Computing Compliance Controls Catalog, National Cyber Security Centre, Esquema Nacional de Seguridad, ISO 27001 and ISO 27002.
"The LZA helps establish platform readiness with security, compliance, and operational capabilities," said Wilson. "It is important to note that the LZA solution will not, by itself, make you compliant. It provides the foundational infrastructure from which additional complementary solutions can be integrated."
The goal is to help healthcare customers build readiness for a cloud compliance program, including default accounts; account structure; core networking infrastructure; security configurations for logging, monitoring and notification; and encryption.
Wilson notes, however, that it's important to "review, evaluate, assess, and approve the solution in compliance with your organization’s particular security features, tools, and configurations. It is the sole responsibility of you and your organization to determine which regulatory requirements are applicable and to make sure that you comply with all requirements. This solution does not help you comply with the non-technical administrative requirements."
THE LARGER TREND
While there's no one-size-fits-all approach to security compliance, there are some tried-and-true tips, as CIOs and CISOs explained in our feature on implementation best practices.
And, as Christopher Frenz, information security officer and AVP of IT Security at Mount Sinai South Nassau, explained in a guest article on Healthcare IT News, while compliance-based frameworks are not without merit, it is important to approach them as minimum acceptable standards, and not as end goals.
ON THE RECORD
"The LZA for Healthcare leverages AWS expertise enabling regulated customers to set up their AWS environments in days instead of weeks in an optimized and secure configuration," said Wislon. "By reducing the undifferentiated heavy lifting of establishing a regulated cloud environment, organizations have the opportunity to focus on innovative solutions that provide the greatest value to the customers they serve."
Twitter: @MikeMiliardHITN
Email the writer: mike.miliard@himssmedia.com
Healthcare IT News is a HIMSS publication.