Neon is now HIPAA compliant ✅

Neon is now fully HIPAA compliant, adding to our existing security certifications (SOC 2 Type 2, ISO 27001, ISO 27701) and regulatory alignments (GDPR, CCPA).

Neon's compliance certifications with HIPAA highlighted

✨New✨: HIPAA compliance certification added to our security achievements

HIPAA (Health Insurance Portability and Accountability Act) is a U.S. law that sets national standards for the protection of personal health information (PHI) and regulates how healthcare providers, insurers, and business associates handle electronic health records (EHRs).

If you develop applications that must comply with HIPAA, you can now build on Neon. HIPAA is available as an add-on to Neon's Business and Enterprise plans. To get started, reach out to the Neon Sales team. They'll work with you on a Business Associate Agreement (BAA) and enable HIPAA for your account. Read the blog post for more: Neon is HIPAA Compliant.

Business and Enterprise customers can request a copy of Neon's HIPAA compliance report through our Trust Center.

Neon joins GitHub's Secret Scanning Partner program 🔒

Neon is now a GitHub Secret Scanning Partner, helping protect users by automatically detecting exposed Neon database credentials and API keys in public GitHub repositories. When a secret is detected, GitHub notifies Neon, triggering alerts to our security team and affected users. This integration adds an extra layer of security, ensuring leaked credentials are identified and mitigated before they can be exploited. Learn more in our security documentation.

AI rules for building with Neon 🤖

We've released official rules (.mdc files) to help AI-powered development tools better understand and generate Neon-related code. These rules cover Neon Auth implementation, serverless deployment best practices, and Drizzle ORM integration. Try them out in Cursor or any AI tool that supports custom context rules. View the rules repository.

Neon Auth added to MCP Server 🛠️

We've also added a new provision_neon_auth command to the Neon MCP Server that automates setting up Neon Auth in your Neon projects. This tool:

  • Creates the necessary auth schema and tables
  • Configures Stack Auth integration
  • Provides all required environment variables and credentials

Try it out in any IDE or AI tool that supports the Model Context Protocol (MCP). Just ask to "set up authentication for my Neon project" and the MCP Server will handle the rest.

"LAST" login indicator

We've added a simple LAST tag on our login screen that shows which authentication method you previously used. No more guessing which login method to choose when returning to Neon!

Login screen showing a LAST indicator on the Google login option

Fixes & improvements

  • Neon Console

    • Updated AWS region names to match their official AWS identifiers (e.g., "AWS US East 1" instead of "AWS US East"), making it easier to identify familiar regions when creating a new project.

      AWS region selector showing numbered regions

    • The Connect to your database modal on the Project Dashboard now remembers your last selected connection snippet (like Node.js, Python, psql, etc.), automatically showing your preferred connection snippet when you return to the modal.

    • Improved SQL Editor responsiveness by unlocking the Run button more quickly after query execution.

  • Neon API

    Added consistent email validation across all endpoints (1-256 characters).

  • Neon CLI

    The create-app command has been removed.

  • 1Password integration

    Improved how connection strings are saved in 1Password — it now stores the complete connection string in a single field for easier copy/paste functionality.

  • Organization billing

    Added support for organizations to downgrade to the Free plan, with clear visibility into any applicable limitations before downgrading.

  • Neon on Azure

    Added support for changing your Neon plan directly via the Azure portal. See Changing your plan for instructions.