Amazon Nova Act is now HIPAA eligible

/ Blog / Leave a Comment
Amazon Nova Act is now HIPAA eligible

Healthcare and life sciences (HCLS) organizations depend on repetitive, manual browser-based tasks for critical workflows like claims processing and referral coordination. While agentic AI can automate these workflows, compliance requirements under the Health Insurance Portability and Accountability Act (HIPAA) have limited adoption where electronically protected health information (ePHI) might be present.Amazon Nova Act now qualifies as a HIPAA eligible service, so you can deploy autonomous, browser-based AI agents to automate complex healthcare workflows in connection with ePHI.

In this post, you will learn what Nova Act offers, how HIPAA eligibility applies to agentic AI, and how to get started.

About Amazon Nova Act

Amazon Nova Act is available as an AWS service to build and manage fleets of reliable AI agents for automating production UI workflows at scale. Nova Act completes repetitive UI workflows in the browser and escalates to a human supervisor when appropriate. Nova Act also integrates with external tools through API calls, remote Model Control Protocol (MCP), or agentic frameworks, such as Strand Agents. You can define workflows by combining the flexibility of natural language with Python code.

Amazon Nova Act helps you automate real-world browser tasks that previously required manual effort. The model can navigate websites, fill out forms, extract information, and complete multi-step workflows on your behalf. For HCLS organizations, this translates to reduced administrative burden, faster claims turnaround, and more consistent execution of routine processes.

Why HIPAA eligibility matters for agentic AI

Unlike models that only generate text, agentic AI systems interact with live systems, access data, and execute workflows that might involve Protected Health Information (PHI). Under the AWS Shared Responsibility Model, we manage the security of the underlying infrastructure, and you remain responsible for configuring controls to achieve HIPAA compliance within your deployments.

Healthcare use cases

With HIPAA eligibility, you can now automate appointment scheduling, insurance verification, and prior authorization across provider and payer portals. You can check claim status, submit appeals, and track reimbursements on payer websites without manual intervention. You can also send and track referrals between providers and gather data from multiple systems for compliance reporting.

Getting started

To begin using Nova Act in your HIPAA-eligible environment, complete the following steps:

  1. Execute an AWS BAA through the self-service process in the AWS Management Console and designate your account as a HIPAA account.
  2. Review the Nova Act documentation for service-specific security configurations.
  3. Implement security controls including AWS Identity and Access Management (IAM) access policies, AWS Key Management Service (AWS KMS) encryption, and AWS CloudTrail logging.
  4. Conduct a design review using the AWS Well-Architected Tool before deploying workloads involving ePHI.

For detailed implementation guidance, consider engaging AWS Professional Services or an AWS generative AI Competency Partner.

Things to know

  • HIPAA eligibility – Amazon Nova Act is included in the HIPAA Eligible Services Reference list. If you have a signed AWS BAA, you can use Nova Act to process ePHI.
  • Integration – Nova Act works with the Strands Agents framework and integrates with Amazon Bedrock AgentCore, Amazon CloudWatch, and IAM.
  • Availability – Amazon Nova Act is available in the US East (N. Virginia) AWS Region. For a list of available services in each Region, see AWS Capabilities by Region page.
  • Pricing – Visit the Amazon Nova Act pricing page for details.
  • Compliance note – HIPAA eligibility means the service is designed for use in accordance with HIPAA requirements. You’re responsible for configuring the service to meet your specific compliance obligations. This announcement isn’t intended to provide legal or compliance advice.

Conclusion

With HIPAA eligibility, you can now bring agentic AI to regulated healthcare environments. Execute your AWS BAA today and explore the Nova Act documentation to deploy your first compliant agentic AI workflow.

For more information, visit AWS Cloud Security — HIPAA Compliance and the HIPAA Eligible Services Reference.

Further reading

About the authors

Abiola Babsalaam is a Senior Technical Account Manager at Amazon Web Services (AWS), where he serves as a trusted cloud advisor to enterprise customers in the financial services industry. With deep expertise in generative AI, agentic AI, database architecture, and cloud strategy, Abiola helps organizations harness the power of AWS AI/ML services to modernize their infrastructure, automate complex workflows, and drive innovation at scale.

Nishant Dhiman is a Senior Solutions Architect at AWS based in Sydney. He comes with an extensive background in Serverless, Generative AI, Security and Mobile platform offerings. He is a voracious reader and a passionate technologist. He loves to interact with customers and believes in giving back to community by learning and sharing. Outside of work, he likes to keep himself engaged with podcasts, calligraphy and music.

Shruti Arora is a GenAI Specialist Solutions Architect at Amazon AGI, where she partners with customers across industries to design and deploy agentic systems in production. She brings a strong foundation in software development and solutions architecture, with a track record of turning complex AI concepts into real-world applications. Outside of work, Shruti is equally curious. You’ll find her lost in a good book or diving into a new art and craft project.

​ 

Related Posts

Leave a Comment

Your email address will not be published. Required fields are marked *

Sign In

Don't have an account yet? Register

Forgot password?

Register

Reset Password

Please enter your username or email address, you will receive a link to create a new password via email.

Scroll to Top