--- title: HIPAA compliance, GitHub Secret Scanning, Neon Auth added to MCP Server, and more --- ## Neon is now HIPAA compliant βœ… Neon is now fully HIPAA compliant, adding to our existing security certifications (SOC 2 Type 2, ISO 27001, ISO 27701) and regulatory alignments (GDPR, CCPA). ![Neon's compliance certifications with HIPAA highlighted](/docs/changelog/compliance-badges.png) _✨New✨: HIPAA compliance certification added to our security achievements_ HIPAA (Health Insurance Portability and Accountability Act) is a U.S. law that sets national standards for the protection of personal health information (PHI) and regulates how healthcare providers, insurers, and business associates handle electronic health records (EHRs). If you develop applications that must comply with HIPAA, you can now build on Neon. HIPAA is available as an add-on to Neon's Business and Enterprise plans. To get started, reach out to the [Neon Sales team](/contact-sales). They'll work with you on a Business Associate Agreement (BAA) and enable HIPAA for your account. Read the blog post for more: [Neon is HIPAA Compliant](/blog/hipaa). Business and Enterprise customers can request a copy of Neon's HIPAA compliance report through our [Trust Center](https://trust.neon.tech/). ## Neon joins GitHub's Secret Scanning Partner program πŸ”’ Neon is now a GitHub Secret Scanning Partner, helping protect users by automatically detecting exposed Neon database credentials and API keys in public GitHub repositories. When a secret is detected, GitHub notifies Neon, triggering alerts to our security team and affected users. This integration adds an extra layer of security, ensuring leaked credentials are identified and mitigated before they can be exploited. Learn more in our [security documentation](/docs/security/security-overview#github-secret-scanning). ## AI rules for building with Neon πŸ€– We've released official rules (.mdc files) to help AI-powered development tools better understand and generate Neon-related code. These rules cover Neon Auth implementation, serverless deployment best practices, and Drizzle ORM integration. Try them out in Cursor or any AI tool that supports custom context rules. [View the rules repository](https://github.com/neondatabase-labs/ai-rules). ## Neon Auth added to MCP Server πŸ› οΈ We've also added a new `provision_neon_auth` command to the [Neon MCP Server](https://github.com/neondatabase-labs/mcp-server-neon) that automates setting up [Neon Auth](/docs/guides/neon-auth) in your Neon projects. This tool: - Creates the necessary auth schema and tables - Configures Stack Auth integration - Provides all required environment variables and credentials Try it out in any IDE or AI tool that supports the [Model Context Protocol (MCP)](https://docs.anthropic.com/en/docs/agents-and-tools/mcp). Just ask to "set up authentication for my Neon project" and the MCP Server will handle the rest. ## "LAST" login indicator We've added a simple **LAST** tag on our login screen that shows which authentication method you previously used. No more guessing which login method to choose when returning to Neon! ![Login screen showing a LAST indicator on the Google login option](/docs/changelog/last-indicator-image.png)
**Fixes & improvements** - **Neon Console** - Updated AWS region names to match their official AWS identifiers (e.g., "AWS US East 1" instead of "AWS US East"), making it easier to identify familiar regions when creating a new project. ![AWS region selector showing numbered regions](/docs/changelog/aws_regions_image.png) - The **Connect to your database** modal on the **Project Dashboard** now remembers your last selected connection snippet (like Node.js, Python, psql, etc.), automatically showing your preferred connection snippet when you return to the modal. - Improved SQL Editor responsiveness by unlocking the **Run** button more quickly after query execution. - **Neon API** Added consistent email validation across all endpoints (1-256 characters). - **Neon CLI** The `create-app` command has been removed. - **1Password integration** Improved how connection strings are saved in 1Password β€” it now stores the complete connection string in a single field for easier copy/paste functionality. - **Organization billing** Added support for organizations to [downgrade](/docs/manage/orgs-manage#downgrade-to-free-plan) to the Free plan, with clear visibility into any applicable limitations before downgrading. - **Neon on Azure** Added support for changing your Neon plan directly via the Azure portal. See [Changing your plan](/docs/introduction/billing-azure-marketplace#changing-your-pricing-plan) for instructions.