Databricks Now Provides HIPAA and PCI-DSS Compliance Features on AWS (multi-tenant)

Databricks on AWS is trusted by customers in regulated industries to analyze and gain insights from their most sensitive data utilizing the data lakehouse paradigm. Our security program incorporates industry-leading best practices to fulfill our customers’ security needs. Security measures that aided with Payment Card Industry Data Security Standard (PCI-DSS) and Health Insurance Portability and Accountability Act (HIPAA) compliance were previously only available through AWS’ classic (also known as single-tenant) configuration. We’re excited to share a new set of security controls (in public preview) that can help with PCI compliance and HIPAA compliance for newer E2 architecture deployments. These new security controls include:

  • Enhanced security monitoring, which installs additional security agents on the cluster VMs for antivirus and malware monitoring, file integrity monitoring, and vulnerability monitoring
  • Use of only enhanced hardened Ubuntu operating system based images with CIS benchmark level 1 controls for your cluster virtual machines
  • Use of AWS Nitro System to enforce encryption at rest and encryption in transit between the cluster nodes
  • Limiting the Databricks Runtime versions for the cluster to versions that have compliance controls
  • Use of TLS 1.2 encryption or higher for encrypting data in transit

Visit the PCI-DSS on AWS and HIPAA on AWS pages to learn more about the new security controls. Visit the Databricks AWS pricing page to learn about pricing, and fill out the sign-up form to request access to the preview.
