AWS Public Sector Blog

Category: Compliance

Complying with updated NIH Genomic Data Sharing policies on AWS

The National Institutes of Health (NIH) has long maintained guidelines governing the responsible management of controlled access human genomic and phenotypic data maintained in NIH-designated data repositories. Recently, the NIH updated these guidelines to align with the NIST SP 800-171 security standard, which defines a comprehensive framework for securing Controlled Unclassified Information (CUI). In this blog post, we will explore the specifics of the updated NIH guidance and outline how Amazon Web Services (AWS) can help customers build a compliant environment to meet these requirements.

Banner image with headline, "Preparing for CMMC 2.0 compliance: What contractors can do today"

Preparing for CMMC 2.0 compliance: What contractors can do today

CMMC compliance will soon be a must-have for federal contractors, so they need to plan now for how to achieve it. The path towards compliance differs according to the level needed and the assessments involved. Fortunately, there is no shortage of resources available to help—including from Amazon Web Services (AWS) and its partners.

AWS branded background design with text overlay that says "How AWS Wickr can enable secure communications for the Australian Government and its allies"

How AWS Wickr can enable secure communications for the Australian Government and its allies

The use of consumer-grade messaging applications poses significant security and sovereignty risks for Australian Government agencies, making it difficult to meet governmental information management obligations. Official guidance from the National Archives of Australia (NAA) unambiguously states that “instant messaging posts … created or received as part of Australian Government business are Commonwealth records.” Amazon Web Services (AWS) Wickr is an end-to-end encrypted messaging and collaboration service that provides the advanced security, administrative controls, and data retention capabilities government agencies need to protect sensitive information and meet legislative requirements. Read this post to learn more.

AWS branded background image with text overlay that says "How AWS helps agencies meet OMB AI governance requirements"

How AWS helps agencies meet OMB AI governance requirements

The Amazon Web Services (AWS) commitment to safe, transparent, and responsible artificial intelligence (AI)—including generative AI—is reflected in our endorsement of the White House Voluntary AI Commitments, our participation in the UK AI Safety Summit, and our dedication to providing customers with features that address specific challenges in this space. In this post, we explore how AWS can help agencies address the governance requirements outlined in the Office of Management and Budget (OMB) memo M-2410 as public sector entities look to build internal capacity for AI.

AWS branded background design with text overlay that says "Five need-to-know facts about using the AWS Cloud for K12 cyber-resiliency"

Five need-to-know facts about using the AWS Cloud for K12 cyber-resiliency

K12 leaders need tangible solutions and tactics for improving their school’s or district’s cyber-resilience in the coming school year, and Amazon Web Services (AWS) is committed to supporting schools and districts as they enhance the cybersecurity of their networks. Recently, AWS joined the White House, the Department of Homeland Security, and the Department of Education—among other leaders in the government and education community—to commit to improving the cybersecurity resilience of K12 education. As part of this commitment, AWS created the K12 Cyber Grant Program, offering up to $20 million in AWS Promotional Credits to both new and existing K12 customers.

AWS branded background design with text overlay that says "Building compliant healthcare solutions using Landing Zone Accelerator"

Building compliant healthcare solutions using Landing Zone Accelerator

In this post, we explore the complexities of data privacy and controls on Amazon Web Services (AWS), examine how creating a landing zone within which to contain such data is important, and highlight the differences between creating a landing zone from scratch compared with using the AWS Landing Zone Accelerator (LZA) for Healthcare. To aid explanation, we use a simple healthcare workload as an example. We also explain how LZA for Healthcare codifies HIPAA controls and AWS Security Best Practices to accelerate the creation of an environment to run protective health information workloads in AWS.

AWS branded background design with text overlay that says "The benefits of running controlled substance databases with AWS"

The benefits of running controlled substance databases with AWS

Healthcare authorities and providers use state-run controlled substance databases (CSDs) to track prescriptions and identify patients for substance abuse. CSDs help evaluate treatment options, screen patients who may be at risk for drug abuse problems, and make informed decisions about prescribing medication. This post explains how healthcare authorities can leverage CSD data to enhance their decision-making processes within business operations by using Amazon Web Services (AWS).

AWS branded background with text overlay that says "Idaho Controller modernizes back-office operations using AWS"

Idaho Controller modernizes back-office operations using AWS

Idaho deputy controller Josh Whitworth, who leads the state’s enterprise resource planning (ERP) modernization efforts, believes in looking beyond what legacy applications were designed to do decades ago to see the solutions of tomorrow. That view has helped Whitworth and his team transform Idaho’s back-office infrastructure and related processes. Read this blog post to learn how Amazon Web Services (AWS) helped Idaho modernize its ERP.

AWS branded background with text overlay that says "How credit unions can evaluate their FFIEC, NCUA cyber compliance using AWS"

How credit unions can evaluate their FFIEC, NCUA cyber compliance using AWS

Credit unions face unique security, regulatory, and compliance obligations. These requirements mean that a sound cybersecurity posture is essential for credit unions across both cloud workloads and on-premises technology. Read this blog post to learn how Amazon Web Services (AWS) can help credit unions prepare for audits, assess security posture, and produce documentation for state or federal regulators.

Securing and automating compliance in the public sector with AWS

Compliance is essential, but ensuring compliance in the cloud with various regulations and standards can be challenging, especially for public sector organizations. The requirements are highly dynamic, constantly evolving, and they vary across countries. Read this blog post to learn about the Amazon Web Services (AWS) resources that can help customers meet compliance requirements, reduce their time and effort, and focus on core business objectives.