AWS Snowball Now HIPAA Compliant

Amazon Web Services’ Snowball product is now available to businesses that need to transfer individual’s health care data to cloud storage under the Health Insurance Portability and Accountability Act.
AWS launched Snowball last year as an appliance-based service for large organizations that need to move large amounts of data to and fro the cloud. The company announced last week that Snowball now meets HIPAA’s privacy and security requirements.
This means that HIPAA-compliant businesses, such as hospitals, insurance companies, and others that process private healthcare information can use Snowball to import and export the data to the AWS cloud. They won’t have to be in breach of regulations.
Jeff Barr, AWS evangelist, stated in a blog post that Snowball can be used immediately to transfer data into HIPAA accounts if you already have a Business Associate Agreement (BAA).
A ruggedized physical container called Snowball is sent by AWS to users who have many terabytes of data to migrate to the cloud. The cables included in the Snowball appliance allow users to connect it to their network, transfer data to the appliance from their network, and then send it back to AWS. AWS then transfers user’s data to the AWS cloud service that they choose.
The AWS Snowball appliance. Snowball can also export data from the AWS cloud into customers’ on-premises environments as of March 2012.
According to Barr, Snowball is one of the 10 HIPAA-eligible AWS services. Barr also listed the following services: Amazon Simple Storage Service (S3); Amazon Elastic Compute Cloud(EC2); Amazon Elastic Block Store Store (EBS); Amazon Redshift (Amazon Glacier), Amazon DynamoDB (Amazon DynamoDB), Elastic Load Balancing (Amazon EMR) and Amazon Relational Database Service Service (RDS).
Barr stated that Snowball is now eligible for HIPAA-eligible services. This means that customers in the Healthcare and Life Sciences space of AWS can quickly move their data to Snowball and then process it using any one of the [above] services. They can use the HDFS Import feature to move an existing Hadoop cluster on-premises to the cloud and then analyze it using a scalable EMR cluster. They can also move existing data to AWS (e.g., medical images, patient records) and store it in S3 and Glacier, both of which are HIPAA-eligible.
AWS was also involved in the launch of a cloud-based database that collects information about cardiovascular disease. According to Monday’s announcement, the Precision Medicine Platform of the American Heart Association is now available for private preview. It “will allow researchers and clinicians to aggregate data including longitudinal cohorts and proteomic, genome, and gene expression data using precision medicine approaches to uncover critical cardiovascular disease insight that can translate into medical innovations.”
According to the announcement, the registry will collect data from clinical trials and studies, as well real-time data from patients who use or wear Internet-connected devices.