A US-based healthcare start-up was not being able to maintain a secure cloud infrastructure as per compliance standards. It was also facing problems in protecting sensitive PHI.
THE APPROACH
- Directly imported available patient and pharmaceutical data into database
- Developed function to directly fetch data from health devices and feed into system
- Created necessary interface for medical practitioners to upload data on day-to-day basis
- Dedicated compute resource for analytics to be deployed in final/ go-live version
TECHNOLOGY COMPONENTS
- Amazon EC2 and S3
- Encrypted database – AWS RDS
- Cloud API log – AWS CloudTrail
- IP whitelisting – AWS VPC Security Group
- Host-based firewalls – iptables
- HTTPS – SSL Certificates
THE BUSINESS CHALLENGE
The start-up needed to deploy a cloud solution that could enable infrastructure audit trails, support HIPAA- compliant infrastructure on the cloud, address security concerns with regard to sensitive protected PHI, and bring about cost-sensitive deployment.
TRANSFORMATIONAL EFFECTS
- HIPAA-compliant AWS services used to set up infrastructure
- Deployed multiple levels of security to protect sensitive data
- Consolidated services to reduce cost
- Migrated and hosted solution on supported and managed application stack
- Maintained infrastructure audit trails using AWS services
