- Application Programming Interface (API)
- Assurance Services
- Cloud Optimizer
- Compute@Edge
- DDoS Protection and Mitigation Service and SLA
- Dedicated IP addresses
- Designated Technical Specialist
- Fastly product lifecycle
- Fastly’s Full-Site Delivery
- Fastly's On-the-Fly Packaging service
- Fastly’s Streaming Delivery
- HIPAA-Compliant Caching and Delivery
- Image Optimizer
- Live Event Monitoring Service
- Logging Insights Package
- Media Shield for Live
- Media Shield for VOD
- Origin Connect
- PCI-Compliant Caching and Delivery
- Performance Optimization Package
- Platform TLS Certificate Management Product
- Professional Services
- Related offerings
- Service availability SLA
- Subscriber Provided Prefix
- Summary product definitions
- Support description and SLA
- TLS オプション
- TLS service options
- Varnish Configuration Language (VCL)
- WAF Quick Start Package
- WAF Support and SLA
- WAF Tuning Package
- WAF Tuning Plus Package
- Web Application Firewall (WAF)
HIPAA-Compliant Caching and Delivery
Last updated August 01, 2018
You can configure the Fastly CDN service to cache and transmit protected health information (PHI) in keeping with Health Information Portability and Accountability Act (HIPAA) security requirements. Use the following features to ensure secure handling of cache data that contains PHI:
-
Configure frontend and backend TLS to encrypt transmitted data from your origin to your end users.
-
Add the
beresp.hipaa
variable to objects containing PHI to keep that data out of non-volatile disk storage at the edge.
Contact sales@fastly.com for more information on how to enable the beresp.hipaa
feature for your account. For accounts that have this feature enabled, Fastly will enter into a HIPAA business associate agreement (BAA) as an addendum to our terms of service.
IMPORTANT: If you have purchased Fastly’s PCI-compliant caching or HIPAA-compliant caching products Fastly will enforce a minimum version of TLS 1.2 or higher for all connections to meet the compliance requirements mandated by the PCI Security Standards Council.
NOTE: Fastly's security and technology compliance program includes safeguards for the entire Fastly CDN service, independent of using the beresp.hipaa
variable. The Fastly security program and technology compliance guides provide more information about these safeguards.