Leader in Healthcare Systems Grows Uptime and Security with Docker and AWS

Profile

This leading provider of medical image handling and processing, interoperability and clinical systems, services more than 7,500 U.S. healthcare sites, as well as many of the world’s leading clinical research institutes and pharmaceutical firms. Insights gleaned from medical images managed by this provider’s system can help clinicians efficiently identify options for the diagnosis, treatment, and monitoring of a broad array of health conditions.

Business Needs

Robustness of service with high levels of uptime and reliability

Security controls to protect against loss of its customer’s personal health information

Assure HIPAA compliance

Challenge

This healthcare organization sought to move to a more manageable system, one that required less human intervention and was self-healing. Given the nature of the data that it manages for its customers, the system needed to be stable, with extremely high levels uptime; the impact of production downtime could quite literally be the difference between life and death. Moreover, the group’s IT team wanted a maintainable interface for the delivery of product for production support. Security and compliance were other key criteria as maintaining HIPAA compliance and protecting against the risk of losing personal health information were important business imperatives to address.

Solution

With three key business priorities of security, robustness, and cost, the Flux7 team rolled up its sleeves and began work assessing the situation to design and build the right infrastructure for this organization. The group had already been evaluating AWS, which Flux7 recommended as well, seconding its focus on automation, immutable delivery, and IaaS. Moreover, as the group was interested in having a solution it could easily manage post-launch, Flux7 recommended deploying Docker containers in order to create an infrastructure that is more manageable, providing a consistent interface across Development, Test, and Operations.

DevOps in the Cloud: System robustness as facilitated by DevOps in the cloud helped this firm achieve its uptime and reliability goals. Specifically, Flux7 helped the client establish CloudFormation templates for VPCs, networking, NAT, and encryption at rest for all AWS resources. Jenkins jobs were set up to build WAR (Web archive) files and Docker containers, which in turn contained files for Jira, Jenkins, GitLab, Artifactory, and the customer’s application.

This setup increases automation and decreases the need for human intervention while providing development and the flexibility to build systems without concern for the ultimate production environment.

Security: The security set-up for this provider used several layers including separation of duties, key management, aggressive patching criteria and the recycling of servers every 15 days. Moreover, security policies specific to HIPAA and AWS were employed to ensure regulatory compliance and the strictest possible level of security to avoid any possible risk associated with the loss of the personal health information of its clients. For example, CloudTrail was used to log every action taken and by whom, and AWS Config was used to monitor any changes made to an individual component over time. White- and blacklists were used to secure the perimeter and encryption at rest was deployed in AWS as well as for on-premise hardware. All change management was performed in Jira. All code commits to GitLab were required to be tagged with Jira case IDs and Jira was updated automatically when new code was pushed. Jenkins built the artifacts and containers on every code push and stored the artifacts in Artifactory. Correctly tagging a full trail of how and why the container was built. Jenkins deployed the container and similarly tagged the production resources to enable a full 360-degree view of every artifact deployed to production from idea to inception.

Cost: The Flux7 team helped this healthcare leader proactively manage its AWS costs by providing one-click EZ buttons for creating the full environment, including load balancers, provisioning software, containers, and running the services. This enabled the Dev and QA teams to provision environments on-demand which increased their productivity and eliminated the need to have long-running persistent environments as environments could be turned off when they were not in use, and recreated when a need arose.

Benefits

Now the internal team is able to Dockerify its application, giving it greater control while erasing the traditional boundaries between teams, and using the AWS ecosystem of tools to increase automation and decrease the need for human intervention. Further, Flux7 consultants applied their tried and true AWS best practices to ensure deep security and HIPAA compliance were achieved for this healthcare system provider’s critical data. Last, with a solution tooled for this organization, Flux7 was able to help it effectively manage AWS costs to ensure optimal ROI.