Hi @stinagopen, HIPAA compliance requires more than just the server to fulfill requirements, it extends to how the server stores and transfers different kinds of data, what kinds of logs need to be kept at what level, etc. Beyond technical requirements of the server and software there are also legal agreements, insurance requirements, and specific business rules that have to be put in place and monitored to ensure compliance.
The old text about AWS’s HIPAA compliance were confusing; thanks for pointing it out. The support article has been updated.
Please get in touch directly if you want to discuss how to help you get HIPAA support for your work when using KoBoToolbox. 
