Develop products in HIPAA-compliant cloud infrastructure

Implement a secure, scalable, and fully HIPAA-compliant cloud infrastructure without having to establish in-house technical teams and manage all aspects of healthcare regulations.

 

Brief description

HIPAA Compliant Cloud Infrastructure is a customizable solution that lets you rapidly provision healthcare solutions on AWS. Built as a highly scalable, readily available, and secure infrastructure, it is reinforced through complementary services for access control, monitoring, reporting, and auditability.

 

Not only does the solution help migrate HIPAA-compliant systems to the cloud, but it also provides a solid foundation for developing HIPAA solutions from scratch.

 

Flexible and easily customizable, the HIPAA Compliant Cloud Infrastructure solution can simplify and accelerate the migration of your on-premises infrastructure and workloads to the cloud.

 
 

Key Benefits

How does it work?

  • HIPAA Compliant Cloud Infrastructure is delivered as a CloudFormation template. 

  • The infrastructure consists of four separate organizations that are hosted in four different accounts, as recommended by the security guidelines of the AWS Well-Architected Framework. These accounts are DEV, PROD, Management, and Root env.

  • HIPAA Compliant Cloud Infrastructure can be customized to meet the goals and requirements of your application. AWS services for AI/ML, Big Data, Analytics, IoT, etc. can be added in line with the project objectives.

Root env

Used for billing and role-based access control in the organization. It does not contain any resources.

Management

Used to collect and audit CloudTrail logs. If required, it can support instances and buckets for data management, resource management, and network access control. It contains a CI/CD server based either on CodePipeline or on third-party solutions, such as CircleCI, GitLab, Jenkins, etc. Amazon QuickSight is used to display the account's stats in the BI dashboard.

PROD

Used as a limited-access environment that holds the customer data and the current version of the application. The app's fundamental design is based on ELB (load balancing and blue/green deployment with zero-downtime upgrades). Amazon EKS orchestrates the app in containers, while Amazon RDS with HA replicas is used as the data layer. The app's logs are stored in Amazon CloudWatch, with audits done in AWS CloudTrail, AWS Trusted Advisor, and AWS Lambda. Alerts and notifications are managed with Amazon SNS. Amazon Macie is used to monitor and track sensitive data stored in Amazon S3 buckets.

DEV

Used as an environment almost identical to PROD. Unlike PROD, however, it does not contain any customer data, and it is used strictly by software developers and QA engineers assigned to the project.

AWS Cloud
 
  • Comprehensive reference architecture for resiliency, availability, and scalability

  • Information Dashboard

  • Incident Response Procedure

  • Audit Reports

  • Policies and Procedures

  • Asset Inventory

  • Contingency Plans

  • Risk Assessment

  • Employee Training

 
Key Features
 
