ElastiCache for Redis is HIPAA compliant while ElastiCache for Memcached is not
What is ElastiCache?
ElastiCache is “Fully managed in-memory data store, compatible with Redis or Memcached. Power real-time applications with sub-millisecond latency” (here).
Most common use cases for ElastiCache are session store, general cache to increase throughput and decrease the load of other services or database, deployment of machine learning models and real time analytics.
AWS offers two flavours of ElastiCache – ElastiCache for Redis and ElastiCache for Memcached. To understand the difference better and recommendation on how to choose an engine see here.
What is HIPAA?
“The Healthcare Insurance Portability and Accountability Act (HIPAA) is an act of legislation passed in 1996 which originally had the objective of enabling workers to carry forward healthcare insurance and healthcare rights between jobs. “https://www.hipaajournal.com/hipaa-explained/
Over the years and specifically after 2013 HIPAA rules were updated to fit to the technology development and expand the requirements to include business associates, where previously only covered entities were held to uphold the HIPAA restrictions.
Why does it matter?
Better safe than sorry – If you develop a product that needs to be HIPAA compliant it is better to choose in advance the right and compliant services rather than replacing it later
To read more –
- AWS HIPAA Compliance – https://aws.amazon.com/compliance/hipaa-compliance/
- AWS HIPAA Eligible Services – https://aws.amazon.com/compliance/hipaa-eligible-services-reference/
- Difference between ElastiCache for Redis – https://aws.amazon.com/elasticache/redis-vs-memcached/
- Choose an engine – https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/SelectEngine.html
- ElastiCache compliance – https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/elasticache-compliance.html
- HIPAA compliance for developers – https://github.com/truevault/hipaa-compliance-developers-guide