AWS Bedrock and MIMIC

[carlos3dx]

Hello,

I understand that that MIMIC data cannot be used with external APIs like Claude but it can be used with controlled cloud environment as per this discussion: #1593

My question is that if AWS Bedrock and their base models would comply with the DUA.

AWS Bedrock product page

Bedrock is in scope for common compliance standards including ISO, SOC, CSA STAR Level 2, is HIPAA eligible, and customers can use Bedrock in compliance with the GDPR.

AWS Bedrock data protection documentation

Amazon Bedrock doesn't use your prompts and continuations to train any AWS models or distribute them to third parties.
Each model provider has an escrow account that they upload their models to. The Amazon Bedrock inference account has permissions to call these models, but the escrow accounts themselves don't have outbound permissions to Amazon Bedrock accounts. Additionally, model providers don't have access to Amazon Bedrock logs or access to customer prompts and continuations.
Amazon Bedrock doesn’t store or log your data in its service logs.

Anthropic's EULA to use Claude 3 on AWS Bedrock

Customer Content. The technology provided by Anthropic to AWS to enable Customer’s
access to the Services does not give Anthropic access to Customer’s AWS instance,
including Prompts or Outputs it contains (“Customer Content”). Anthropic does not
anticipate obtaining any rights in or access to Customer Content under these Terms. As
between the Parties and to the extent permitted by applicable law, Anthropic agrees that
Customer owns all Outputs, and disclaims any rights it receives to the Customer Content
under these Terms. Subject to Customer’s compliance with these Terms, Anthropic hereby
assigns to Customer its right, title and interest (if any) in and to Outputs. Anthropic may not
train models on Customer Content from Services. Anthropic receives usage data from AWS
to monitor compliance with the AUP (as defined below) and understand Service performance
(“Usage Data”). Usage Data excludes Customer Content. For example, Anthropic receives
notifications about the volume of Customer’s usage of the Services.

So, if I use one of the Bedrock's base models like Claude, Llama, or Mistral, It would comply with the DUA? If not, since Bedrock is HIPAA elegible, What should be the steps to be compliant and use it?

Thanks in advance.

[alistairewj]

I believe HIPAA compliance necessitates a lot of our requirements, since the primary condition of the DUA being enforced here is not sharing the data with others, and usually HIPAA's audibility requirements also restrict data access. I would check if (1) if the HIPAA eligibility is the default or whether it is only when you have some agreement like a BAA, and (2) whether Amazon Bedrock do any human review of user content - usually under the auspices of avoiding harm/service improvement - and if there is a mechanism to opt out. If they don't do any human review, then those terms look consistent with the DUA.

[carlos3dx]

If I understood correctly, (1) is elegible by default (compliance not sure about the process) and (2) since AWS doesn't keep anything of the inputs/outputs, should be not possible for anybody to review.

I'll recheck again knowing what to look, thank you.

[tompollard]

@carlos3dx Amazon Bedrock is acceptable. Please see: https://physionet.org/news/post/gpt-responsible-use

If you are interested in using the GPT family of models, we suggest using one of the following services:

• Azure OpenAI service. You'll need to opt out of human review of the data, as (1) you are processing sensitive data where the likelihood of harmful outputs and/or misuse is low, and (2) you do not have the right to permit Microsoft to process the data for abuse detection due to the data use agreement you have signed. The form for opting out of the review process is available here: https://aka.ms/oai/additionalusecase
• Amazon Bedrock. Bedrock provides options for fine-tuning foundation models using private labeled data. After creating a copy of a base foundation model for exclusive use, data is not shared back to the base model for training.

[carlos3dx]

Thank you. :)