Blog: Announcing Heroku Shield - Manage Sensitive Customer Data with Confidence

Apr 12, 2017

by Abe Pursell

Companies in regulated industries face a balancing act between delivering a modern customer experience and going the extra mile to meet mandated compliance and security requirements. For example, Healthcare & Life Science organizations need to innovate with care providers, patients, families, and employees. Architecting healthcare apps requires that companies implement rigorous measures to protect personal healthcare information. These requirements often slow down the ability to build new features quickly and deploy apps that don’t compromise customer data.

Introducing Heroku Shield: Build high-compliance apps on Heroku
Heroku Shield is a set of services, included in Heroku Enterprise, used for running high-compliance applications on Heroku. Heroku Shield Services offer additional encryption and logging controls that are used by developers to meet regulatory compliance requirements.

We are targeting HIPAA compliance as a first use case.

Regulated companies can now deliver engaging customer experiences on Heroku by building custom apps with access to CRM data and a developer experience that focuses on shipping code, not infrastructure. 

When you deploy an app on Heroku that handles PHI, the safe handling of your data becomes a shared responsibility between Salesforce and your organization. The Salesforce Business Associate Agreement (BAA) along with the Heroku addendum becomes the authoritative source for what responsibilities Salesforce has committed and everything outside of the BAA stays with the customer.

To learn more, please view these assets. And remember to Connect with your Heroku co-prime in customer conversations about Heroku Shield.

Learn more about Heroku for Partners here. Additional questions? Engage with us in the App Cloud Group.

#blog #news