Compliance validation for Amazon ElastiCache - Amazon ElastiCache for Redis
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China.

Compliance validation for Amazon ElastiCache

Third-party auditors assess the security and compliance of Amazon services as part of multiple Amazon compliance programs, such as SOC, PCI, FedRAMP, and HIPAA.

To learn whether or other Amazon Web Services are within the scope of specific compliance programs, see Amazon Web Services in Scope by Compliance Program. For general information, see Amazon Web Services Compliance Programs.

You can download third-party audit reports using Amazon Artifact. For more information, see Downloading Reports in Amazon Artifact.

Your compliance responsibility when using Amazon Web Services is determined by the sensitivity of your data, your company's compliance objectives, and applicable laws and regulations. Amazon provides the following resources to help with compliance:

You can use Amazon ElastiCache for Redis to build HIPAA-compliant applications. To help do this, you can enable at-rest encryption, in-transit encryption, and Redis AUTH when you create a Redis cluster using ElastiCache for Redis versions 3.2.6, 4.0.10, or later. You can store healthcare-related information, including protected health information (PHI), under an executed Business Associate Agreement (BAA) with Amazon. Amazon Services in Scope have been fully assessed by a third-party auditor and result in a certification, attestation of compliance, or Authority to Operate (ATO). For more information, see the following topics: