Nonprofit healthcare sharing organization that subjects to HIPAA is using Amazon Web Services (AWS) HIPAA compliant cloud hosting solution to lower costs, become more agile, and innovate faster.
Industries: Healthcare, NonProfit, FinTech.
Client Location: USA.
Project Length: Apr. 2017 – Ongoing.
Challenge: Build a secure and robust high-load system for healthcare sharing automation.
Services & Tech: AWS, HIPAA, DevOps, High-Load, Serverless.
Technologies: AMAZON WEB SERVICES (Virtual Private Cloud, Elastic Load Balancer, Route 53, Cloudfront CDN, S3, DynamoDB, Multi-AZ, Glacier, EC2, RDS, Lambda).
Team Composition: CTO, Project Manager/ Scrum Master, Data Engineer, 4 Technical Lead/Senior .Net developers, 3 Front-End developers, 6 Back-End .Net Developers, 2 QA engineers, 2 DevOps, 1 UI/UX designer
The end-client is a nonprofit healthcare sharing organization, where members share each other’s medical expenses. The product offers medical financing and serves as an alternative to the high cost of health insurance. This means health care costs are shared among members of the organization who band together to help each other pay for medical expenses.
The organization connects social groups, banks, physicians, contributors, requesters (clients).
Healthcare sharing organization’s mission is to provide medical financing support and serve as an alternative to the high cost of health insurance for its members. Rapid growth created a challenge for their organization in terms of its infrastructure and scalability.
It was important to have a fully reliable application and secure HIPAA compliant cloud hosting environment that would be available 24/7.
The challenge was to build a secure and robust high-load system for healthcare sharing automation.
Meeting healthcare-specific needs, we realize that with HIPAA compliance, secure cloud-based infrastructure in AWS is a great asset.
AWS provides a secure environment that meets HIPAA compliance requirements, and a complete set of easy-to-use, flexible tools to manage growing amounts of data using solutions for high-performance computing, archiving, and storage.
When the capabilities of AWS are combined with DevCom’s software architects and certified DevOps engineers, it results in a personalized solution that enables healthcare organizations to store securely, process, transmit, and analyze information. It helps to lower costs, become more agile, and innovate faster.
⇒ Additional Reading: Essential Steps to HIPAA Compliant Cloud Hosting
DevCom implemented AWS Key Management Service (AWS KMS) to fulfill the security requirements.
AWS WAF – Web Application Firewall is used to protect its new and existing web applications. Amazon CloudWatch is used to monitor the system. The business migrated all CRM applications to the cloud, utilizing Amazon Elastic Compute Cloud (EC2) computing power with load balancers to manage users’ data.
Elastic Load Balancer with auto-scaling configuration and Multi-AZ support both for web and database service that allows high-availability and scalability based on demand level. Encrypted S3 storage with data-at-rest encryption provides HIPAA compliant mechanism for storing sensitive data. CloudFront CDN allows fast static content delivery to end-users. S3 and Glacier fulfill long-term and cost-effective backup capabilities.
➤ Elastic Load Balancer – distributes the incoming application or network traffic across multiple targets, such as Amazon EC2 instances, containers, and IP addresses, in multiple Availability Zones.
➤ Multi-AZ – provide enhanced availability and durability for Database (DB) Instances.
➤ Glacier – is a storage service optimized for infrequently used data, or “cold data.
➤ RDS – s a distributed relational database service by AWS.
➤ S3 – object storage built to store and retrieve any amount of data from anywhere.
➤ DynamoDB – fast and flexible NoSQL database service for any scale.
➤ Lambda – run code without thinking about servers. Pay only for the compute time you consume.
➤ CloudWatch – Complete visibility of your cloud resources and applications.
➤ Virtual Private Cloud (VPC) – provision a logically isolated section of the Amazon Web Services (AWS) Cloud where you can launch AWS resources in a virtual network that you define.
➤ CloudFront – fast, highly secure and programmable content delivery network (CDN).
➤ WAF & Shield – protect your web applications from common web exploits. Managed DDoS protection.
➤ Route 53 – a reliable and cost-effective way to route end users to Internet applications.
➤ CloudTrail – track user activity and API usage.
➤ Secrets Manager – easily rotate, manage, and retrieve database credentials, API keys, and other secrets through their lifecycle.
➤ CloudFormation – model and provision all your cloud infrastructure resources.
“ Our experience with AWS exceeded our expectations. We were looking for a secure and reliable cloud solution for SaaS. What we found were increased opportunities for the client’s business. We became more agile, more efficient, and more innovative.“ – Slavik Lavryk, Vice President of Software Development at DevCom.
By using Amazon Web Services, HIPAA compliant cloud hosting, the client has improved online security, eliminated downtime, and reduced the time and effort required to maintain company systems. The client was able to eliminate waste and enable the application to make full use of the available infrastructure.
✔ 99.99% uptime in the cloud.
✔ Better security than on-premises.
✔ Easier to achieve HIPAA compliance.
✔ Flexible to setup a high-load configuration.
✔ 13% higher satisfaction.
✔ AWS business support.
With DevCom’s IT support services, and custom software development services for Healthcare Organizations can focus on the strategic activities needed to achieve their growth goals, which start by creating a fully reliable application and secure HIPAA compliant cloud hosting environment.