Building HIPAA-Compliant AI Automations: AWS vs. Google Cloud

A vendor-neutral guide for healthcare and med-tech teams choosing a platform to build AI automations — calling AI models by API, wiring up agents, and moving patient data through them compliantly. Written to be readable by a clinical or executive decision-maker, with enough builder detail to actually choose. No winner is declared.

Built from live official AWS and Google Cloud documentation (read 2026-06-12). Each factual claim is cited inline to the official source it came from — the numbers link to the Sources list. Service lists and rules change fast; confirm against the live pages before you build.

Start here — the decision you're actually making

You're choosing where to build AI automations that touch patient data. Read this framing first.

An "AI automation" here means software your team builds that calls an AI model through an API (a programmatic request — e.g., "summarize this note," "extract the diagnoses," "answer this patient question") and chains those calls into a workflow or agent (software that reasons over several steps and uses tools on its own). If that workflow ever touches PHI (Protected Health Information — patient data tied to a person), it falls under HIPAA, and the platform underneath has to support that. Both AWS and Google Cloud do.

Three ground rules shape everything below:

  • No cloud — and no AI model — is "HIPAA certified." There's no such stamp. AWS says it plainly: "There is no HIPAA certification for a cloud service provider."[1] Google says the same — "there is no certification recognized by the US HHS for HIPAA compliance."[5] Be skeptical of any AI vendor claiming to simply be "HIPAA compliant" out of the box.
  • It's a shared responsibility. The cloud secures the infrastructure and the model service; your team is responsible for configuring it correctly and only sending PHI to approved services in an approved way.[1][5] This is where most AI-automation compliance mistakes happen — see the #1 risk.
  • The BAA is the gate. Before any PHI flows through your automation, your organization signs a BAA (Business Associate Agreement), the contract in which the vendor commits to protect that data. Both clouds make it self-service.[1][5]

Not legal advice: This guide explains how each platform supports building HIPAA AI automations so your team can ask the right questions. Whether a specific build is compliant depends on configuration and a signed BAA, confirmed with your legal / privacy / compliance owner.

The 30-second answer

If you read one section, read this one.

Both AWS and Google Cloud are fully capable platforms for building HIPAA-compliant AI automations. On both, your team can sign a BAA in minutes,[1][5] call top-tier AI models — including Anthropic's Claude — by API under that BAA,[2][5] build multi-step agents with a managed framework, and do it with no special "HIPAA tax."[5] For most teams, the right platform is the one your engineers already build on, not the one that wins a feature checklist.

The differences that actually matter for AI automations are narrow, and each platform has a distinct strength:

  • AWS gives you a precise, enforceable per-model data-retention control (set it to "keep nothing"),[3] and a deeper bench of ready-made clinical AI, such as ambient note-taking and clinical-text extraction.[2]
  • Google Cloud gives you a simpler scope to reason about (its BAA spans the whole infrastructure),[5] a standing written commitment that your data won't be used to train its models,[6] and an explicit written promise of no HIPAA price premium.[5]

If you're already building on one of them, the strong default is to stay — you should not switch clouds for compliance reasons alone.

Side-by-side comparison

Six dimensions that matter when building AI automations on patient data. Each entry gives the finding plus what it means for you, cited to its source. Genuine ties are labeled honestly.

Dimension 1 · Signing the BAA (the gate)
  AWS: Self-service in a console tool (AWS Artifact); one acceptance can cover all your organization's accounts. PHI must run on a service from the HIPAA-eligible list.[1][2]
  Google Cloud: Self-service in the console; covers Google's infrastructure plus a named list of covered products. PHI must run on a covered product.[5]
  Bottom line: Tie. Both self-serve and free; both gate PHI to an approved list of services.

Dimension 2 · Calling AI models by API
  AWS: Amazon Bedrock — API access to many foundation models incl. Claude, Llama, and Amazon's own, all HIPAA-eligible, with SDKs.[2]
  Google Cloud: Gemini Enterprise Agent Platform — API access to Gemini plus a model garden that also includes Claude.[5]
  Bottom line: Tie. Both give HIPAA-eligible API access to top models — including Claude on either.

Dimension 3 · Building & running agents
  AWS: Bedrock AgentCore (HIPAA-eligible) for multi-step agents, plus Guardrails to filter sensitive data in/out.[2]
  Google Cloud: Agent Development Kit + managed Agent Engine runtime, with HIPAA support, customer-managed encryption keys, and network controls.[5]
  Bottom line: Tie. Both are production-grade agent stacks. Match to your team's skills.

Dimension 4 · Keeping PHI safe in model calls (the risk)
  AWS: Explicit retention switch. Set mode none = nothing stored or shared. Models that require sharing your prompts with the model maker become unavailable under none, and you can lock the whole org to it.[3]
  Google Cloud: Platform commitment + controls. Your prompts aren't used to train Google's models (a training commitment, not a zero-retention guarantee);[6] add customer-managed keys and network controls.[5]
  Bottom line: Tie — different mechanisms. AWS gives a switch you must set; Google gives a standing commitment plus controls. Both need per-model diligence.

Dimension 5 · Prebuilt healthcare building blocks
  AWS: HealthLake (clinical data store), HealthScribe (ambient note drafting), Comprehend Medical (clinical-text extraction) — all HIPAA-eligible.[2]
  Google Cloud: Cloud Healthcare API and Healthcare Data Engine for ingesting/managing clinical data in standard health-data formats.[5]
  Bottom line: Slight edge: AWS. More ready-made clinical AI today; both have standards-based data stores.

Dimension 6 · Cost & support
  AWS: No HIPAA surcharge (no published price promise).[1] Paid support is 24/7, urgent response from <30 down to <5 min, with a named account manager at the upper tiers.[4]
  Google Cloud: States in writing it charges the same for HIPAA.[5] Tiered support with a named Technical Account Manager at the Premium tier.[7]
  Bottom line: Tie. No HIPAA premium on either; comparable support ladders (Google puts the price promise in writing).

Tally: one slight edge to AWS (prebuilt clinical AI), five genuine ties. Neither platform is a "winner" for building HIPAA AI automations.

1 · The BAA gate

The first thing your organization does on either cloud, before any PHI moves through an automation.

The BAA is the vendor's legal commitment to protect the patient data you send it. On both clouds it's self-service — no procurement cycle, no lawyer-to-lawyer negotiation for the standard agreement. On AWS you accept it in a console tool called AWS Artifact, and a single acceptance can apply to every account your organization manages.[1] On Google Cloud you accept it in the console.[5]

On both clouds, signing the BAA does not bless the entire platform for PHI. AWS gates PHI to a published HIPAA-eligible services list;[2] Google's BAA covers its infrastructure and a published list of covered products.[5] In practice both work the same way — check the list, keep PHI on it.

What it means for you: a tie. Either way, your team can have the agreement in place the same day, at no cost.

2 · Calling AI models by API — the core of any AI automation

Can you make API calls to strong models, under HIPAA? On both, yes — including Claude.

  • AWS — Amazon Bedrock. A single API/SDK to call many foundation models, including Anthropic's Claude, Meta's Llama, and Amazon's own models. Bedrock is HIPAA-eligible.[2]
  • Google Cloud — Gemini Enterprise Agent Platform. API access to Google's Gemini models plus a model garden that also includes Claude.[5]

What it means for you: a tie on raw capability. If your team specifically wants Claude under a BAA, you can have it on either platform. Decide on the rest of your stack and on the data-handling details in section 4.

3 · Building and running agents

Beyond one API call: frameworks to chain steps, use tools, and run agents in production.

  • AWS — Bedrock AgentCore, a HIPAA-eligible framework for building and deploying agent workflows, paired with Bedrock Guardrails, which can automatically detect and mask sensitive identifiers in prompts and responses.[2]
  • Google Cloud — Agent Development Kit (ADK) for building multi-agent systems, with a managed Agent Engine runtime to deploy and scale them. The agent runtime supports HIPAA, customer-managed encryption keys, and network isolation controls.[5]

Naming note — Vertex AI is now the "Gemini Enterprise Agent Platform": In 2026 Google consolidated its Vertex AI platform into the Gemini Enterprise Agent Platform. Google's own HIPAA covered-products list still names both "Gemini Enterprise Agent Platform" and "Vertex AI Workbench."[5] For a compliance decision, confirm the exact product you'll use appears on Google's live covered-products list.

What it means for you: a tie. Both are credible, production-grade agent platforms.

4 · The #1 PHI risk — what happens to your prompts

This is where AI-automation compliance is won or lost. "The platform is HIPAA-eligible" does not mean every model is safe for PHI by default.

When your automation sends a prompt to a model, you must know: does anyone store or see that prompt afterward? A prompt can contain PHI, so retention and provider-sharing are the core HIPAA questions.

AWS — an explicit retention switch [3]

  • none — zero data retention. No request or response data is stored by AWS or shared with the model provider. This is the setting to use for PHI.
  • provider_data_share — AWS retains your prompts/outputs and shares them with the model maker. Required by certain models. Avoid for PHI.

If you've set none and your code calls a model that requires sharing, that model shows as unavailable and the request is rejected rather than leaking data. You can enforce none across the whole organization with a Service Control Policy. The trade-off: it's a switch your team has to set correctly — get it wrong and the protection isn't there.[3]

Google Cloud — a standing commitment plus controls [6]

Under the Google Cloud AI/ML Privacy Commitment, "customer data … is not used to train foundation models."[6] Important nuance: that is a training commitment — confirm the retention terms for the specific service you call. On top of the commitment you add customer-managed encryption keys and network isolation controls.[6][5]

The rule to carry into every build: On both platforms, check each model's data-handling before sending real PHI. On AWS, set the retention mode to none and verify the model supports it;[3] on Google, confirm the service is BAA-covered, check its retention terms, and apply customer-managed keys + network controls.[5][6]

What it means for you: a tie on outcome, reached two different ways. Both can be run compliantly; both punish inattention.
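As an added illustration (not AWS's or Google's code, and calling no real SDK): the pre-flight rule from this section and the sensitive-identifier masking that section 3 describes for Bedrock Guardrails, written as a small Python wrapper that refuses to send PHI unless every gate passes and keeps only a redacted copy of prompt and response for its audit log. The retention-mode names none and provider_data_share come from the page; the model registry, service names, identifier patterns and the invoke callback are constructed for the example.

```python
import re
from dataclasses import dataclass

# Constructed registry (not a vendor list): retention modes each model can run
# under. "none" = zero data retention; "provider_data_share" = prompts and
# outputs are retained and shared with the model maker.
MODEL_RETENTION_SUPPORT = {
    "claude-example": {"none", "provider_data_share"},
    "share-only-example": {"provider_data_share"},
}
BAA_ELIGIBLE_SERVICES = {"bedrock-example"}  # constructed stand-in for the list

@dataclass
class Platform:
    baa_signed: bool
    service: str
    retention_mode: str  # organization-wide setting, e.g. locked by policy

def preflight(platform: Platform, model: str) -> tuple[bool, str]:
    """Return (allowed, reason). PHI may leave only if every gate passes."""
    if not platform.baa_signed:
        return False, "no BAA signed"
    if platform.service not in BAA_ELIGIBLE_SERVICES:
        return False, f"{platform.service} is not on the eligible list"
    if platform.retention_mode != "none":
        return False, f"retention mode is {platform.retention_mode}, not none"
    if "none" not in MODEL_RETENTION_SUPPORT.get(model, set()):
        return False, f"{model} requires data sharing; unavailable under none"
    return True, "ok"

# Direct identifiers common in clinical text (constructed patterns, deliberately
# incomplete: a real build would rely on the platform's own sensitive-data filters).
_PATTERNS = [
    ("SSN", re.compile(r"\b\d{3}-\d{2}-\d{4}\b")),
    ("PHONE", re.compile(r"\b\(?\d{3}\)?[-. ]\d{3}[-. ]\d{4}\b")),
    ("DATE", re.compile(r"\b\d{1,2}/\d{1,2}/\d{2,4}\b")),
    ("MRN", re.compile(r"\bMRN[:# ]*\d{5,}\b", re.IGNORECASE)),
]

def redact(text: str) -> str:
    """Mask direct identifiers before text is written to an audit log."""
    for label, pattern in _PATTERNS:
        text = pattern.sub(f"[{label}]", text)
    return text

def call_model(platform, model, prompt, invoke, audit_log):
    """Gate the call, then log only a redacted copy of prompt and response."""
    allowed, reason = preflight(platform, model)
    if not allowed:
        audit_log.append(f"DENIED model={model} reason={reason}")
        raise PermissionError(reason)
    response = invoke(model, prompt)  # hypothetical stand-in for the SDK call
    audit_log.append(f"OK model={model} prompt={redact(prompt)} "
                     f"response={redact(response)}")
    return response
```

A denied call is logged with its reason but never reaches invoke, mirroring the "unavailable rather than leaking" behaviour described for Bedrock's none mode.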

5 · Prebuilt healthcare building blocks

How much clinical capability you get without building it yourself.

  • AWS has the deeper set of ready-made clinical AI, all HIPAA-eligible: HealthScribe (turns a visit conversation into a draft note), Comprehend Medical (extracts diagnoses, medications, and procedures from free-text notes), and HealthLake (a clinical data store using FHIR).[2]
  • Google Cloud offers the Cloud Healthcare API and Healthcare Data Engine — strong, standards-based services for ingesting and managing healthcare data (FHIR, DICOM, HL7v2) — but fewer turnkey "clinical AI" features.[5]

What it means for you: a slight edge to AWS if you want clinical AI capabilities working out of the box.

6 · Cost & support

Is there a "HIPAA tax," and who picks up when your automation breaks?

Cost: neither charges a premium for HIPAA. Google states it outright — "we can offer HIPAA regulated customers the same products at the same pricing … Other public clouds charge more money for their HIPAA cloud, we do not."[5] AWS charges no fee for the BAA and no surcharge for regulated workloads.[1]

Support: comparable ladders. AWS paid tiers are 24/7, with urgent-issue response targets from under 30 minutes to under 5; a named Technical Account Manager comes with Enterprise.[4] Google Cloud offers Standard, Enhanced, and Premium, with a named Technical Account Manager at Premium.[7]

What it means for you: a tie. Google puts the price promise in writing.

Price & confirm for your specific build

Compliance is broadly a tie. These build-time variables often decide the real cost and feasibility.

  • Model token pricing. Inference is usually the dominant cost at scale. Compare the specific models you'll use — prices are not guaranteed to match across platforms.
  • Model & region availability under the BAA. Confirm the model versions you want are available and BAA-eligible in your required region.
  • Where inference runs (data residency). When a PHI-containing prompt is sent, which region processes it? Verify you can pin it to your required geography.
  • Rate limits & latency. Real-time clinical workflows can hit throttling. Check each platform's rate limits and typical latency for your call volume.
  • Audit logging. Both clouds log activity, and both can log model calls — but prompt/response logs can contain PHI, so those logs must be encrypted and access-controlled.
  • Fine-tuning / bring-your-own-model. If you plan to fine-tune on clinical data, confirm that path is HIPAA-eligible and understand where the training data and resulting model live.

Which is the better fit if…

No single winner — but clearer answers once you know your situation.

…you already build on one of them

Stay put. Both support HIPAA AI automations fully. Switching clouds is costly and risky, and compliance alone is not a reason.

…you specifically want Claude under a BAA

Either works. Claude is available HIPAA-eligible on AWS Bedrock[2] and in Google's model garden.[5]

…your compliance team wants a provable "retain nothing" control

Lean AWS. Bedrock's none retention mode, model unavailability when a model would share data, and org-wide policy enforcement give you an explicit, auditable switch.[3]

…you want the simplest "what's in scope" story

Lean Google Cloud. Its BAA spans the whole infrastructure and its privacy commitment is platform-wide.[5]

…you want clinical AI out of the box (ambient scribe, clinical NLP)

Lean AWS. HealthScribe and Comprehend Medical are hard to match today without building it yourself.[2]

…you want the no-HIPAA-premium pricing promise in writing

Lean Google Cloud. It publicly commits to the same pricing for HIPAA workloads.[5]

Before you build — five things to confirm

This guide is a starting map, not a compliance sign-off. Verify these with your team or vendor.

  • Check each model's data handling first. On AWS, set retention to none and confirm the model supports it;[3] on Google, confirm the service is BAA-covered, check its retention terms, and apply customer-managed keys + network controls.[5][6]
  • "Eligible/covered" is not "compliant." A service being on the approved list only means you're allowed to use it with PHI once your BAA is signed and it's configured correctly.
  • The lists and brands change. Both vendors update their approved-service lists regularly — re-check the live pages when you build.
  • Price out the build-time variables. See Price & confirm for what actually decides cost and feasibility.
  • This is not legal advice. Final HIPAA sign-off belongs with your legal, privacy, or compliance owner.

The one rule to carry away: On both AWS and Google Cloud, HIPAA compliance is a shared responsibility: the vendor secures the platform, but signing the BAA and configuring your automation correctly — especially each model's data handling — are on you. Choosing the platform is the easy part; building on it compliantly is the ongoing job.

Sources

Every numbered citation above links here. All pages were read directly on 2026-06-12.

Amazon Web Services

  [1] AWS HIPAA Compliance — self-service BAA via AWS Artifact, shared-responsibility framing, no-HIPAA-certification statement.
  [2] AWS HIPAA Eligible Services Reference — the approved-services list (Last Updated May 22, 2026), Amazon Bedrock and Bedrock AgentCore, HealthLake, HealthScribe, Comprehend Medical.
  [3] Amazon Bedrock — Data retention — retention modes, zero-data-retention behavior, model unavailability when share mode isn't permitted, IAM/SCP enforcement.
  [4] AWS Support Plans — Business Support+, Enterprise, and Unified Operations; 24/7 coverage; response targets; named Technical Account Manager.

Google Cloud

  [5] HIPAA Compliance on Google Cloud — self-service BAA, covered-products list (Gemini Enterprise Agent Platform, Vertex AI Workbench, Cloud Healthcare API, Healthcare Data Engine), no-HIPAA-premium statement.
  [6] Data governance and generative AI (Google Cloud) — Google Cloud AI/ML Privacy Commitment (customer data not used to train foundation models), customer-managed encryption keys.
  [7] Google Cloud Customer Care overview — Standard, Enhanced, and Premium tiers; Technical Account Manager at Premium.

Content last verified: June 2026. Built from live official AWS and Google Cloud documentation on 2026-06-12. Both vendors change their approved-service lists, AI/agent offerings, model data-handling, support terms, and pricing over time — re-verify against the linked sources before building a real PHI workload. Not legal advice.