Skip to main content

HIPAA compliance in Dagster+ serverless

This guide covers setting up Dagster+ Serverless in a HIPAA compliant way.

Disclaimer

This is guidance only, not legal advice. Dagster Labs makes no HIPAA compliance guarantees. Consult legal or compliance professionals.

Prerequisites before processing protected health information (PHI)

  • Execute a Business Associates Agreement (BAA) with Dagster Labs. (Contact your account representative or customer success manager.)
  • Request access to our Trust Center to review our security and compliance documents.
  • Review the Dagster+ Serverless security doc.
  • Coordinate with your account representative or customer success manager to disable the default Serverless I/O manager.
Important

You must disable the default I/O manager before processing any PHI. The default I/O manager is not HIPAA-compliant. Coordinate with Dagster Engineering through your account representative or customer success manager to ensure proper configuration.

Additional considerations

HIPAA compliance is an ongoing process that requires:

  • Regular security assessments
  • Comprehensive documentation of all configurations and processes
  • Continuous monitoring and audit logging
  • Staff training on HIPAA requirements

Getting help

For questions about HIPAA compliance with Dagster+, contact your account representative or customer success manager.