Aiven Blog

May 13, 2019

Aiven is HIPAA compliant

Aiven is compliant with HIPAA, a US health care standard. Find out more about what it means in our latest post.


Prem Nallasivampillai


Head of Customer Success at Aiven

You might not have known, but Aiven is HIPAA compliant. We actually reached compliance back in December of 2018, but we wanted to get a few use cases under our belt before we announced it.

So, what does this mean on a practical level? This means that all Aiven services can be used in a HIPAA compliant manner in health care use cases and applications.

For those of you looking for Aiven services under HIPAA requirements, contact sales for a Business Associate Agreement (BAA).

Our current list of HIPAA-compliant services includes the following:

  • Aiven for Apache Kafka
  • Aiven for PostgreSQL
  • Aiven for MySQL
  • Aiven for OpenSearch
  • Aiven for Cassandra
  • Aiven for Caching
  • Aiven for InfluxDB
  • Aiven for Grafana

Now that you know we are compliant, let's take a brief overview of what HIPAA is, why it's important, and what compliance actually means and entails.

What is HIPAA and why is it important

HIPAA is the Health Insurance Portability and Accountability Act of 1996, passed by the United States legislature. It contains five titles (or sections) that cover everything from ensuring that people are not denied coverage for pre-existing conditions to the protection of their medical information.

When discussing HIPAA compliance, people are typically referring to Title II of HIPAA. This section establishes regulations for maintaining the privacy and security of protected health information (PHI). The privacy regulation pertains to the people, administrative, and contractual aspects.

To be compliant, all organizations must at least comply with the HIPAA Privacy regulation.

Meanwhile, the security regulation pertains to keeping electronic PHI safe from disasters, hackers, and electronic theft. Any organization that handles electronic data must meet both the privacy and security HIPAA regulations to be compliant.

Wrapping up

HIPAA compliance is important for organizations that use data for health care use cases and applications. But it doesn't stop with you; your service providers must be compliant as well. HIPAA is one of several compliance standards that we possess.

Next on our list will be SOC 2, which we plan on getting certified for in Q3 of 2019. To see our current list of compliance standards, visit our security and compliance page.

To stay up-to-date with our latest news, join our changelog and blog RSS feeds, as well as Twitter and LinkedIn. Not a customer? Try Aiven services with our free 30 day trial.
