Privacy and compliance

Databricks has put in place controls to meet the unique compliance needs of highly regulated industries.

To learn how you can use Delta Lake on Databricks to manage General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA) compliance for your data lake, see Get started: Prepare your data for GDPR compliance

For more information about privacy and compliance and Databricks, see the Databricks Security and Trust Center.

Enhanced Security and Compliance add-on

Enhanced Security and Compliance is a platform add-on that provides enhanced security and controls for your compliance needs. See the pricing page. The Enhanced Security and Compliance add-on includes:

• Compliance security profile: The compliance security profile provides additional security monitoring, a hardened host OS image, enforced instance types for inter-node encryption, and enforced automatic cluster update to ensure your clusters run with the latest security updates.

  When you enable the compliance security profile, you make a selection for the compliance standards. The options available for compliance standards are:

  • CCCS Medium (Protected B)
  • FedRAMP High
  • FedRAMP Moderate
  • HIPAA
  • Infosec Registered Assessors Program (IRAP)
  • PCI-DSS
  • UK Cyber Essentials Plus

  You can also choose to enable the compliance security profile for its enhanced security features without the need to conform to a compliance standard. See Compliance security profile.

• Enhanced security monitoring: Enhanced security monitoring provides the workspace with an enhanced hardened host OS image and additional security monitoring agents to improve your threat detection capabilities. For more information, see Enhanced security monitoring.
• Automatic cluster update: Automatic cluster update ensures that all the clusters in a workspace are periodically updated to the latest host OS image and security updates. For more information, see Automatic cluster update.

Databricks on AWS GovCloud

Databricks on AWS GovCloud provides the Databricks platform deployed in AWS GovCloud with compliance and security controls. See Databricks on AWS GovCloud (FedRAMP High).

Audit logs

Databricks provides access to audit logs of activities performed by Databricks users, allowing you to monitor detailed usage patterns. See Audit log reference.