Maintaining a HIPAA Compliant Architecture in AWS

We decided to place a lot of trust in Velotio to help build out our HIPAA compliant Cloud infrastructure. Velotio went above and beyond to deliver a world class solution.

CTO
Cloud & DevOps
Boston, MA
$7 million
6 months
Tech Stack Used
AWS OpsWorks
AWS CloudFormation
Apache Spark
PostgreSQL


Established in 2007, the customer is one of the leading SaaS-based platforms that enables US healthcare institutes to deliver an improved elderly care experience, while adding to their business growth.

The software is currently used by over 12000 institutes every day and aims to establish a more collaborative and data-backed approach to addressing the challenges faced by the elderly all across the country.

Results

- Implemented a self-healing, HIPAA-compliant architecture to ensure the safety of patients’ data.

- Implemented a completely automated continuous delivery pipeline that reduced operational costs considerably.

- Ensured a secure connection with the customer's production data center to enable single sign-on with other services.


Business Context:

The patient data on the platform is collected from medical institutes around North America. As the company deals directly with the sensitive protected health information (PHI) of patients, its cloud infrastructure must comply with the Health Insurance Portability and Accountability Act (HIPAA) and all the latest security guidelines defined under it.

The customer was looking for a technology partner that could help them set up a continuous delivery pipeline that fully complies with HIPAA security guidelines. Velotio’s proven expertise in DevOps services as well as building HIPAA-compliant architectures made it easier to choose them over other vendors.

How Velotio Helped?

Velotio’s team of experienced Solution Architects designed and implemented a fault-tolerant architecture that fully complied with all HIPAA requirements and ensured safe processing of patient data on the analytics platform.

The DevOps experts helped build an automated delivery pipeline with clear segregation-of-duty policies. The discovery mechanism was built to configure the overall stack and to automate DNS management, secrets management and related tasks. The pipeline also integrated with the customer’s release process, making it faster for the development team to iterate and push frequent releases, while the operations team took responsibility for the final validation and the update to the production environment.

HIPAA compliant architecture in AWS

The team isolated all the services inside the network, but ensured a secure connection with the customer's production data center. This facilitated the data loading and ingestion and enabled single sign-on with other web application services used by the customer.  


The platform can now easily handle high volumes of data and scale to meet the demands of a Hadoop-based ingestion service, such as higher processing speed and low-latency data replication.


The team combined multiple solutions to achieve this:

- I/O- and compute-intensive instances running on dedicated hardware were placed close together in placement groups

- Enhanced networking and provisioned IOPS were used to handle the high query load on the PostgreSQL data warehouse

- Instance types were optimized to meet the bandwidth needs of Tableau and the application’s servers for analytics operations and data modeling


Improving the infrastructure had a snowball effect in other aspects of technology as well. The customer could now take advantage of several tools and managed services (like IAM, VPC, S3, CloudFormation, AutoScaling, ELB and Route53) that improved their deployment automation and reduced operational costs.

The team combined Chef with AWS tools to implement complete automation and utilized the DevOps expertise to build a powerful continuous delivery pipeline, which is now used by both Development and Operations teams.  

After building the continuous delivery pipeline, Velotio’s team worked with the customer’s in-house team to automate bootstrapping and resource provisioning by combining Chef-based provisioning with AWS CloudFormation. This helped us build a fully automated infrastructure that is managed as code and can be used to build additional sandbox, staging or pre-production environments, or to rebuild the main production environment in the event of a disaster or a move to another AWS region.

Result

  • Implemented self-healing, fault-tolerant services like site-to-site and host-to-host VPN or NAT gateways across multiple Availability Zones.  
  • Implemented an exclusive, fully-managed DNS that supports reverse host lookup using Route 53. This is shared across the VPN to ensure easy access to integrated services.
  • Implemented one-way connectivity to shared resources outside the network to deploy packages and cookbooks easily from the production network. 
  • Configured the software safely by managing the secrets and other credentials required by the Chef cookbooks without exposing them to any external production environment. 
  • Ensured that the discovery mechanism can classify parameters to handle application configuration across multiple environments.   
  • Ensured appropriate in-transit encryption across all devices to provide reliable and secure delivery of SSL key stores, keys, etc. to all nodes.

Velotio’s Cloud team is unparalleled in their vast knowledge of the AWS Cloud ecosystem. Their resources have accelerated delivery and brought immense value to the team.

Lead, DevOps



About Velotio


Velotio helps you deploy high-performance offshore teams on demand. We build teams that can design, develop and scale your vision in the most efficient way.

Our core areas of expertise include DevOps, Data engineering, ML/AI and Full-stack development. We're among the top software developers on Clutch, with a rating of 4.8/5.

Here are a few reasons why our clients love working with us:

- Great technical expertise. We come to the table with solutions, not problems.

- We help you quickly add experienced and qualified engineers to your team, as and when you need them.

- Soft skills are an important selection criterion for us. All our engineers command good English language skills, both written and oral.

- Quick turnaround in spite of the time difference.
