Closed jsunthon closed 5 years ago
Luckily there was a section solely based on cloud computing with HIPPA rules.
Main Points (will reiterate on more points during our next meeting)
1) if we use AWS RDS: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Overview.Encryption.html, encryption is already provided
2) will make issue for contractual agreement
3) aws db snapshots arleady provide backup functionality: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_CreateSnapshot.html
Look up HIPAA rules online and how it impacts the way we develop our backend services. For example, should we only allow users that own the data to view their data? If so, this requires an authentication service. Then we might have a different person work on this authentication service