Forum Discussion

Rizwan Ansari's avatar
Rizwan Ansari
Copper Contributor
Aug 10, 2020

HIPAA Compliance Deployment to Azure App Services

We are deploying application which holds PHI data to Azure in Azure App Services with Azure SQL.

Are Azure SQL and Azure App Services HIPAA compliant? Are there any further steps I will have to take to make the infrastructure HIPAA compliant? 

  • MrCoups's avatar
    MrCoups
    Copper Contributor

    Rizwan Ansari Hi there! You can look at the compliance status of all of the Azure services at the following site... https://docs.microsoft.com/en-us/microsoft-365/compliance/offering-hipaa-hitech?view=o365-worldwide

     

    This describes the services in scope for compliance as well. Important to note though that the platform is compliant, this does not mean your application is compliant, you will still need accreditation for your application you are deploying but the platform (depending on the content of the link above), will be compliant.

     

    This is the same for any compliance in Azure, platform is compliant, what you deploy on top you need to validate yourself.

Resources