Aliera Healthcare Selects eCloud for HIPAA environment buildout

Executive Summary

Healthcare providers are seeing the value of the public cloud and are making the move to AWS. The flexibility, security, reliability, and reduced operating costs are hard to pass up – and they’re the reason why many companies are still migrating to public cloud solutions today.

Healthcare providers’ traditional system integrators and partners are not as cloud-savvy as they may claim.  How can Healthcare providers get their messaging and marketing content out across the globe, while maintaining compliance and security?  Here’s one of our most successful examples:

The Challenge

The challenge was multi-faceted: One of our clients in the healthcare industry, Aliera Healthcare needed to optimize, update, and re-engineer their existing AWS environment. They were already using AWS, but the performance, reliability, and scalability of the platform were lacking and application performance needed optimization.

There was a second significant challenge, too: HIPAA compliance. HIPAA, or the Health Insurance Portability and Accountability Act, has been U.S. law since 1996. The most important section of this act is Title II, which sets the standards for digital healthcare data access and transfers while remaining in compliance with privacy regulations set by the U.S. Department of Health and Human Services. Not just any public platform can hold, process, and transfer healthcare-specific data – only fully compliant cloud services can be used for this kind of migration.

The third significant challenge was cost containment. Aliera Healthcare needed additional reliability and scalability while addressing the legal regulations of the healthcare industry. To keep the cost of this project affordable, the right public platform and services would have to be selected and implemented correctly.

The eCloud Solution

To ensure we met all stated objectives, eCloud Managed Solutions organized a 10-tier plan that we implemented over the course of 13 weeks. We started with building out the application security and storage tiers. From there, our team focused on connectivity and security with the DNS and monitoring tiers. To conclude the development and deployment and ensure future success, we added the final four tiers focused on automation, storage, Microsoft workload migration and analytics. This solution ensured that Aliera Healthcare felt the immediate business impact of this application migration to production as well as experiencing a longer-term payoff – all while remaining HIPAA compliant.

Elastic Beanstalk and HIPAA Compliance

The first and most important step was migrating to a reliable, scalable, cost-effective, and HIPAA compliant application platform that allowed the client to develop code without having to deal with dev ops overhead. Amazon Elastic Beanstalk combined with its use of Amazon EC2 Container Service (Amazon ECS) was our immediate choice for this scenario. This deployment solution, which is used by pharmaceutical company Novartis, who trusts that their cloud transfers – which contain highly sensitive data – will be HIPAA compliant. It’s also trusted by entertainment giant Netflix as well as NASA’s Jet Propulsion Laboratory, which used it for the Mars Curiosity Mission. Why do you ask? Because Amazon’s ECS isn’t just secure; it also boasts impressive reliability (99.95 percent for each ECS Region) and formidable auto-scaling capabilities, in addition to the low cost of operation that Aliera Healthcare needed. Amazon Elastic Beanstalk with Amazon ECS was the perfect place to start.

Also in order to meet the HIPAA compliance standards we needed to make sure all data was encrypted in transit and at rest along with a preferred Intrusion Detection System (IDS). Amazon EBS (Elastic Block Storage) with encryption enabled was the perfect fit to meet the encryption at rest. Then forcing SSL encryption for all internal and external communications between the applications and database, this would satisfy the encryption in-transit requirement.

AWS WAF, CloudWatch and CloudTrail

To monitor uptime and security requirements and prevent attacks and intrusions, we configured a combination of Amazon WAF, CloudWatch and CloudTrail. CloudWatch ensures that all functions of an application run quickly and smoothly. WAF security rules were put in place to provide control over which web application traffic to allow. If there’s ever a need to scale up, CloudWatch logs events and sends alerts so that additional resources can be dedicated to the application. CloudTrail, on the other hand, monitors the back end of the application, ensuring governance, compliance, and operational and risk auditing services are all being performed. While CloudWatch looks at application demands, CloudTrail notes AWS account activity, including changes to the Management Console, SDKs, and command line tools. Together, these services ensure this client always has automated eyes on their application security and performance.

AWS Cost Optimization

Once all of the environments were deployed and tested we implemented cloud storage policies to leverage cost optimization best practices, continuous evaluation and EC2 right sizing.  We built rules for S3, Infrequent S3 and Glacier to lower costs driven by compliance and well architected framework.

Final Result and Benefits

With eCloud Managed Solution’s guidance and direction, Aliera Healthcare was able to get the business and performance improvements they were looking for. Since launch, they’ve seen all the cost savings they expected as well as the future-proofing they hoped for. Thanks to our dedicated Architecture team that follows the AWS Well Architected Framework and the flexibility of AWS Platform, eCloud Managed Solutions was able to build a safe, cost effective and HIPAA compliant environment.

About the Author