Skip to main content

Compliance controls available on GCP deployments

This article describes the compliance settings available for SAP Databricks accounts deployed on GCP.

The compliance security profile provides enhanced security and controls for your compliance needs. Enabling the compliance security profile is required to use SAP Databricks to process data that is regulated under HIPAA.

HIPAA

HIPAA compliance controls are supported for workspaces in all regions.

HIPAA applies to covered entities and business associates that create, receive, maintain, transmit, or access protected health information (PHI). When a covered entity or business associate engages the services of a cloud service provider (CSP), such as SAP Databricks, the CSP becomes a business associate under HIPAA.

Business Associate Agreement (BAA) requirement for processing PHI

HIPAA and related regulations require organizations that handle protected health information (PHI) to meet specific safeguards. When a covered entity or business associate uses a cloud service provider (CSP) like SAP Databricks, the CSP is also considered a business associate.

As a result, when you enable HIPAA using the compliance security profile, you agree to Databricks' Business Associate Agreement (BAA) in the absence of a separately implemented version. To read the Databricks BAA, see Business Associate Agreement.

Enable the compliance security profile and HIPAA on an existing workspace

important

Compliance standards cannot be removed from a workspace if regulated data was previously processed in that workspace.

Account admins can enable the compliance security profile and add compliance standards on a workspace.

  1. As an account admin, go to the account console.
  2. Click Workspaces.
  3. Click your workspace's name.
  4. Click Security and compliance.
  5. Next to Compliance security profile, click Configure.
  6. Toggle on Enabled, then select HIPAA, then click Save.

Set account-level compliance defaults for all new workspaces

Account admins can configure compliance settings to apply to all new workspaces in their account.

  1. As an account admin, go to the account console.
  2. In the sidebar, click Security.
  3. Click the Enhanced security and compliance tab.
  4. Next to Compliance security profile, click Configure.
  5. In the dialog box, toggle on Enabled, then select HIPAA, then Save.
Last updated on