This feature requires your account to be on the Premium pricing tier.
The Health Insurance Portability and Accountability Act of 1996 (HIPAA), and the Health Information Technology for Economic and Clinical Health (HITECH) and the regulations issued under HIPAA are a set of US healthcare laws. Among other provisions, these laws establish requirements for the use, disclosure, and safeguarding of protected health information (PHI).
HIPAA applies to covered entities and business associates that create, receive, maintain, transmit, or access PHI. When a covered entity or business associate engages the services of a cloud service provider (CSP), such as Databricks, the CSP becomes a business associate under HIPAA.
HIPAA regulations require that covered entities and their business associates enter into a contract called a Business Associate Agreement (BAA) to ensure the business associates will protect PHI adequately. Among other things, a BAA establishes the permitted and required uses and disclosures of PHI by the business associate, based on the relationship between the parties and the activities and services being performed by the business associate.
Databricks permits the processing of PHI data under the condition of a signed BAA agreement with Databricks. Contact your Databricks account team for more information.
HIPAA compliance features on the Google Cloud platform are enabled at the account level.
If you have a Google Cloud account and your account is not enabled for HIPAA, contact your Databricks account team to upgrade your account to include HIPAA compliance features. Note that enabling HIPAA compliance features for an account is permanent and cannot be removed later.
After your Databricks account is enabled for HIPAA on Google Cloud, workspaces in the account have HIPAA compliance features for all regions. To deploy a workspace without HIPAA compliance features, you must create a separate Databricks account.
You are wholly responsible for ensuring your own compliance with all applicable laws and regulations. Information provided in Databricks online documentation does not constitute legal advice, and you should consult your legal advisor for any questions regarding regulatory compliance.
Databricks does not support the use of preview features for the processing of PHI on the HIPAA on Google Cloud platform, with the exception of the features listed in Preview features that are supported for processing of PHI data.
The following preview features are supported for processing of PHI: