I'm working with an Android app sending data to a service hosted on AWS. The provider specifies that AWS in itself isn't HIPAA compliant.
In which way should this be a source of worry? Regardless of the nature of the data, what specific elements make this a problem? It seems to me that it is not so specific from a cyber security perspective?
EDIT: This is not for a health care application. However, the service provider mentions it is not compliant on its website - therefore I want to know what practically this compromises (or not) from a security perspective. I know that some clients in some applications (or government agencies) will not use services not compliant with certain standards (such as HIPAA). However, to me it doesn't mean that being non-HIPAA is unsafe - for all I know it could easily be mostly about PR and not so much about security of the service/data on the server.