paidsponsor
Reputation: 31
Do I need to encrypt my payloads if I am forcing https?
Building an API that needs to be HIPPA compliant.
So far the stack is
FastApi -> Docker Image -> AWS Lambda with Env Variables -> AWS API Gateway secured endpoints with API Keys.
While encrypting the database on MongoDb, doesn't seem like MongoDB's transport encrypts the payload (I understand that it's using HTTPS, so it encrypts the entire message)
They have an encrypt in store which is HIPPA requirements ofc but made me wonder,
For my Client Side API, do I need to Encrypt the payload to be HIPPA compliant? Or does enforcing an API key with HTTPS suffice?
Upvotes: -1
Views: 54
Answers (0)
Related Questions
- Reducing over 30 seconds cold start on AWS API Gateway + Lambda
- AWS call Lambda inside VPC to another Lambda in another VPC
- Are HTTPS headers encrypted?
- Iterate over multiple payloads and take multiple screenshots with Puppeteer AWS Lambda
- Performant API to handle many requests
- AWS API Gateway Lambda as a proxy for microservices