| copyright | lastupdated | subcollection | ||
|---|---|---|---|---|
|
2021-04-15 |
AnalyticsEngine |
{:new_window: target="_blank"} {:shortdesc: .shortdesc} {:codeblock: .codeblock} {:screen: .screen} {:pre: .pre} {:external: target="_blank" .external}
{: #security-compliance}
{{site.data.keyword.iae_full_notm}} meets the requirements of the following assurance and privacy programs.
{: #hipaa}
{{site.data.keyword.iae_full_notm}} meets the required IBM controls that are commensurate with the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Security and Privacy Rule requirements. These requirements include the appropriate administrative, physical, and technical safeguards required of Business Associates in 45 CFR Part 160 and Subparts A and C of Part 164. HIPAA readiness applies to the following plans:
- Standard Hourly plan in the Dallas (US South) region
- Standard Monthly plan in the Dallas (US South) region
HIPAA support from IBM requires that you agree to the terms of the Business Associate Addendum (BAA) agreement{: external} with IBM for your {{site.data.keyword.Bluemix_short}} account. The BAA outlines IBM responsibilities, but also your responsibilities to maintain HIPAA compliance. After you enable HIPAA support in your {{site.data.keyword.Bluemix_short}} account, you cannot disable it. See Enabling EU support for your account{: external}.
To enable HIPAA support for your {{site.data.keyword.Bluemix_short}} account:
- Log in to your {{site.data.keyword.Bluemix_short}} account.
- Click Manage > Account and then Account settings.
- In the HIPAA Supported section, click On.
- Read the BAA and then select Accept and click Submit.
You do not need to reprovision your {{site.data.keyword.iae_full_notm}} service after you enable HIPAA support.
{: #compliance}
{{site.data.keyword.iae_full_notm}} is SOC1 Type 2 and SOC2 Type 2 compliant. This can be viewed on the {{site.data.keyword.iae_full_notm}} data processing and protection datasheet. For details, see section 5.4 Certifications{: external}.