AI Provider Trust Registry evidence verified as of 2026-07-05

Registry / Claude via AWS Bedrock

Claude via AWS Bedrock

developer: Anthropic platform: AWS Bedrock category: cloud distribution

Anthropic's Claude models served through Amazon Bedrock, AWS's managed foundation-model service. Vendor-trust and data-handling posture is AWS's (SOC/ISO scope, AWS BAA, GDPR DPA, Bedrock retention controls); EU AI Act provider obligations (GPAI Code of Practice, Art 53) sit with Anthropic as the model developer.

Watch-outs 2

The cells where this offering is not a clean public yes. This is what to check before you sign.

Vendor trust
SOC 2 Type II Is a SOC 2 Type II report available for this offering?
Yes, public confidence: high · verified 2026-07-05

Two-level rule: this grades AWS (the serving platform), not Anthropic. Amazon Bedrock is listed with a checkmark on AWS's SOC services-in-scope page. The SOC 2 Type II report itself is retrieved self-serve via AWS Artifact (console, click-through confidentiality terms) rather than a public download.

tier: self_serve · route: trust_center_nda · default: enabled ·

scope_note: Amazon Bedrock in scope for SOC 1, 2, 3 (excludes Amazon Bedrock Marketplace)

source

ISO 27001 Is there an ISO/IEC 27001 certification covering this offering?
Yes, public confidence: high · verified 2026-07-05

AWS holds ISO/IEC 27001:2022 certification with Amazon Bedrock named on the public ISO-certified services list (also 27017/27018/27701 programs). Certificates downloadable via AWS Artifact.

tier: self_serve · route: trust_center_nda · default: enabled ·

standard: ISO/IEC 27001:2022 · scope_note: Amazon Bedrock listed (excludes Amazon Bedrock Marketplace)

source

ISO 42001 Is there an ISO/IEC 42001 (AI management system) certification?
Yes, public confidence: medium · verified 2026-07-05

AWS holds an accredited ISO/IEC 42001:2023 AI-management-system certification; AWS announced (Nov 2024) that the initial scope covered Amazon Bedrock, Amazon Q Business, Amazon Textract, and Amazon Transcribe, and reported a clean first surveillance audit (Nov 2025). The FAQ page confirms the certificate exists but the authoritative service-scope list is inside the certificate, accessed via AWS Artifact, hence medium confidence pending a human pull of the certificate.

tier: self_serve · route: trust_center_nda · default: enabled ·

standard: ISO/IEC 42001:2023 · first_certified: 2024-11

source

Trust center Is there a maintained trust center / compliance portal?
Yes, public confidence: high · verified 2026-07-05

AWS Artifact is the compliance portal: on-demand, self-serve access to auditor-issued reports/certifications and to agreements (e.g. the BAA) from the AWS console. Public compliance program pages (aws.amazon.com/compliance/) complement it. This grades AWS, not Anthropic.

tier: self_serve · route: public · default: enabled ·

source

Data handling
HIPAA BAA Will they sign a HIPAA Business Associate Agreement covering this offering?
Yes, public confidence: high · verified 2026-07-05

Amazon Bedrock is on AWS's public HIPAA Eligible Services list. PHI use requires first entering the AWS Business Associate Addendum (accepted self-serve via AWS Artifact agreements). default=requires_config because the BAA must be accepted and workloads confined to eligible services before PHI is in scope.

tier: self_serve · route: public · default: requires_config ·

source · archived copy

GDPR DPA Is there a public DPA with SCCs and a published subprocessor list?
Yes, public confidence: high · verified 2026-07-05

The AWS GDPR Data Processing Addendum is incorporated automatically into the AWS Service Terms for all customers, includes the 2021 EU Standard Contractual Clauses, and AWS maintains a published sub-processors page referenced from the GDPR Center. Bedrock FAQ states customers can use Bedrock in compliance with GDPR.

tier: self_serve · route: public · default: enabled ·

sccs: EC June 2021 SCCs incorporated

source

No-training default Is there a public commitment not to train on customer API data by default?
Yes, public confidence: high · verified 2026-07-05

Bedrock FAQ: "your content is not used to improve the base models and is not shared with any model providers"; AWS and third-party model providers "will not use any inputs to or outputs from Amazon Bedrock to train" their models. Architecturally, model-provider deployment accounts give Anthropic no access to prompts/completions (docs.aws.amazon.com/bedrock/latest/userguide/data-protection.html). Caveat: the newest Claude models (Fable 5, Mythos 5) require an explicit provider_data_share opt-in that shares retained traffic with Anthropic for trust-and-safety review, a safety-review carve-out, not a training grant; the no-training commitment still applies.

tier: self_serve · route: public · default: enabled ·

source · archived copy

Retention / ZDR Is retention documented, and is zero-data-retention available?
Partial confidence: high · verified 2026-07-05

Retention is thoroughly documented, hence not a clean "yes". Bedrock's baseline is zero data retention and zero operator access, inputs/outputs are not stored by default, and older Claude models keep that behavior. But Claude Fable 5 and Claude Mythos 5 are gated on data_retention_mode=provider_data_share: prompts/completions are retained up to 30 days and shared with Anthropic for abuse detection and potential human review (per abuse-detection page). Customers can enforce org-wide ZDR via SCPs, and eligible customers may request full ZDR on those models through their AWS account team (per-account, per-model approval with the model provider), that approval path is why route=sales_contract and default=requires_config. Availability tier is self_serve for the controls themselves.

tier: self_serve · route: sales_contract · default: requires_config ·

zdr_mode: data_retention_mode: none (account or project scope) · default_model: ZDR + zero-operator-access for most models by default · provider_share_retention_days: 30

source · archived copy

Residency Can data be pinned to a region (especially the EU)?
Yes, public confidence: high · verified 2026-07-05

Bedrock FAQ: "Any customer content processed by Amazon Bedrock is encrypted and stored at rest in the AWS Region where you are using Amazon Bedrock." Claude is offered in EU regions, so EU pinning is achievable by selecting an EU region and in-region model profiles. default=requires_config because cross-region inference, if enabled, stores retained inputs/outputs in destination regions (per the data-retention and abuse-detection pages), residency holds only if you keep inference in-region or restrict routing to an EU geography.

tier: self_serve · route: public · default: requires_config · geography: EU regions available

source · archived copy

EU AI Act
GPAI Code Is the model developer on the EC's GPAI Code of Practice signatory list?
Yes, public confidence: high · verified 2026-07-05

Two-level rule: the GPAI Code of Practice is a provider (model developer) obligation, so this cell grades Anthropic, not AWS. Anthropic is on the EC's signatory list for the full Code (announced its intent at anthropic.com/news/eu-code-practice). Separately, Amazon itself also appears on the EC signatory list in its own capacity (as an Amazon GPAI provider), which does not substitute for Anthropic's obligations for Claude. Only xAI signed a subset (Safety & Security chapter).

route: public · geography: EU

chapters: all (Transparency, Copyright, Safety & Security) · signatory: Anthropic

source · archived copy

Art. 53 summary Has the model developer published the Art. 53 training-data summary?
No public evidence confidence: medium · verified 2026-07-05

Grades Anthropic (model developer). No public training-content summary using the EU Commission's Article 53(1)(d) template was found on anthropic.com (Transparency Hub, news, policy pages) as of 2026-07-05. Anthropic's system cards do describe training data at category level ("proprietary mix of publicly available information ... non-public data from third parties, data-labeling services and paid contractors, opted-in Claude user data, internally generated data"), which is transparency but not the EU-template summary. Context: the obligation applies from 2025-08-02 for newly placed models, with a 2027-08-02 deadline for models placed before that date. Worth a human re-check for a template-based summary published in a location this research missed.

geography: EU

no public source

Spotted an error? Submit a correction with evidence, corrections with a primary source are folded in and credited in the changelog.