Serving users who are bound by professional secrecy (doctors/lawyers etc.)

With our product we may process sensitive information of users, which may constitute a professional secret within the meaning of Section 203 of the German Criminal Code ("third-party secrets"). Examples of such users are doctors or lawyers, whose client data is protected by confidentiality. AWS is a sub-processor for us. We have to oblige all our sub-processors to maintain confidentiality with regard to such data. Do we need to sign additional agreements with AWS, or is the standard data processing agreement enough?

1 Answer

Hi,

Your question is answered in this documentation: https://docs.aws.amazon.com/whitepapers/latest/navigating-gdpr-compliance/aws-data-processing-addendum-dpa.html

AWS offers a GDPR-compliant AWS Global Data Processing Addendum (GDPR DPA), which enables customers to comply with GDPR contractual obligations. The AWS GDPR DPA is incorporated into the AWS Service Terms and applies automatically to all customers globally who require it to comply with the GDPR whenever customers use AWS services to process personal data, regardless of which data protection laws apply to that processing.

And also: https://docs.aws.amazon.com/whitepapers/latest/navigating-gdpr-compliance/the-role-of-aws-under-the-gdpr.html

Best,

Didier

AWS EXPERT, answered 13 days ago
EXPERT, reviewed 12 days ago
AWS EXPERT, reviewed 13 days ago
