A healthcare company is using Amazon Bedrock to summarize patient notes. The compliance team requires that no patient data is used to improve the underlying foundation model. Which configuration should the team choose?
Trap 1: Enable data encryption in transit and at rest.
Encryption protects data confidentiality but does not prevent the model provider from using the data for training.
Trap 2: Use a different foundation model from a different provider.
Simply switching models does not guarantee that data will not be used for training unless the provider offers similar controls.
Trap 3: Configure a VPC endpoint for Amazon Bedrock.
VPC endpoints keep traffic within the AWS network but do not affect data usage for training.
- A
Enable data encryption in transit and at rest.
Why wrong: Encryption protects data confidentiality but does not prevent the model provider from using the data for training.
- B
Use a different foundation model from a different provider.
Why wrong: Simply switching models does not guarantee that data will not be used for training unless the provider offers similar controls.
- C
Disable model training data logging in the AWS console.
This setting prevents prompts and completions from being used for model improvement.
- D
Configure a VPC endpoint for Amazon Bedrock.
Why wrong: VPC endpoints keep traffic within the AWS network but do not affect data usage for training.