Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Important
This feature is in Public Preview.
This page describes HITRUST compliance controls in Azure Databricks.
HITRUST overview
HITRUST is a certifiable framework that integrates multiple compliance standards, including HIPAA, to help organizations manage risk and demonstrate security and privacy compliance.
Key points
- Widely used in the healthcare industry.
- Based on a unified framework combining HIPAA, ISO, NIST, GDPR, and others.
- Offers a certifiable approach to managing risk and ensuring regulatory compliance.
Enable HITRUST compliance controls
To configure your workspace to support processing of data regulated by the HITRUST standard, Databricks strongly recommends the workspace enables the compliance security profile. The compliance security profile will be required for HITRUST workloads when support becomes generally available.
Only specific preview features are supported for processing regulated data. For details on the compliance security profile, supported preview features, and supported regions, see Compliance security profile.
Ensure that sensitive information is never entered in customer-defined input fields, such as workspace names, compute resource names, tags, job names, job run names, network names, credential names, storage account names, and Git repository IDs or URLs. These fields might be stored, processed, or accessed outside the compliance boundary.
To enable HITRUST compliance controls, see Configure enhanced security and compliance settings.