HIPAA regulated organizations routinely store protected health information on the cloud. This has been common practice for many years. The physical location is legally irrelevant as long as security and privacy requirements are met. AWS and other large cloud vendors specifically target this market and make it easy to achieve legal compliance.

https://aws.amazon.com/compliance/hipaa-compliance/