Post on 21-Jan-2018
Migrating Your HIPAA Compliant
Healthcare Analytics to AWS
Presented by Christopher Crosbie (Amazon Web Services), Fahad Aziz (Caremerge), and Gerry Miller (Cloudticity)
December 3, 2015
Today’s speakers
Gerry Miller
Founder & CTO
Cloudticity
Fahad Aziz
Co-Founder & CTO
Caremerge
Christopher Crosbie
Partner Architect
AWS
Housekeeping
• Everyone will be muted throughout
• Feel free to submit questions via GoToWebinar chat
• The recording and slide deck will be sent to all webinar participants
after the event
Agenda
• Caremerge
– Migration to AWS
– Analytics on AWS
• Cloudticity
– Healthcare on AWS
• AWS
– Big Data and Analytics architecture on AWS
Care CoordinationC
AR
E
CO
OR
DIN
AT
ION
Bigger Problem with Seniors
Person Centered Care
Network Effect
Infrastructure roadblockHow high can you fly?
Four Major Challenges
Scalability /
Availability
Continuous
Integration
Security Big Data
Big Data
Boundless data in healthcare (patient, conditions, medications, treatments and outcomes)
Ability to access, manage, connect and
understand this data to create actionable insights is critical for improving care and outcomes
Data Points Clinical
Vitals
Medications
Diagnosis
Conditions
Allergies
Assessments
Mood & Behavior
Patterns
Cognitive Behavior
Communication/hea
ring patterns
Vision Patterns
Physical functioning
Continence
Disease Diagnosis
Oral/Nutritional
Status
Activity Patterns
Observations
Falls
Wandering
Depressions
Falls with Injury
Elopement
Depressed
Abusive
Dimension of
Wellness
Physical
Emotional
Environmental
Spiritual
Vocational
Social
Intellectual
Health Services
Nutritional
Devices
Sleep Time
Heart Rate
Blood Pressure
Falls Risk
More…
Basic Health
Height/Weight
Race
Gender
Religion
Veteran
Marital Status
Blood Type
Quality Measures
ACE/ARB
Beta Blocker
Cholesterol Test
Diuretic
HbA1c
Immunization Influenza
Immunization
Pneumonia
Micro albuminuria Test
Spirometry Test
Statin Therapy Test
Tetanus
Care Transitions
Admission Dates
Admission Source
Transition from
Transition to
30 days re-
admission
Observations
Quality Measures
Care Transitions
Clinical
Assessments
Basic Health
Device data
Big Data Components
Storage Computation Business Logic BI Tool
Example # 1
Identify those that are high risk of
re-admission?
Recently discharged from hospital?
Lost weight significantly?
Has at least one chronic illness?
Not sleeping?
Oxygen levels not stable?
Had a fall?
Comparable to other similar cases?
Observations: Mood, Wandering, no talking?
Attending less social events?
Losing appetite?
No family connection recently?
Medication changes?
Medication interactions?
Comparable to other similar cases?
Identify those whose health is
declining?
Example # 2
We are just getting started!
And we need to focus on our
application and big data analytics
and not worry about infrastructure.
Cloudticity Introduction
A whole lot of firsts
• First patient portal on AWS
• First Meaningful Use Stage II attestation on AWS
• First Health Information Exchange on AWS
You can – and should – run your healthcare applications safely,
securely, and cost effectively on Amazon Web Services.
Analytics and the Amazon BAA
AWS BAA Configuration Requirements
Customers must encrypt ePHI in transit and at rest
Customers must use EC2 Dedicated Instances for instances processing, storing, or transmitting ePHI
Customers must record and retain activity related to use of and access to ePHI
HIPAA Eligible Services – AWS BAA Section 4.2
Amazon EC2Elastic Load
Balancing Amazon S3Amazon EBS Amazon Glacier Amazon Redshift
Amazon
DynamoDBAmazon
RDS for
MySQL
Amazon
RDS for
Oracle
Amazon EMR
HIPAA Eligible Services – AWS BAA Section 4.2
Amazon EC2Elastic Load
Balancing Amazon S3Amazon EBS Amazon Glacier Amazon Redshift
Amazon
DynamoDBAmazon
RDS for
MySQL
Amazon
RDS for
Oracle
Amazon EMR
A Reporting Architecture on AWS
Migrating your reporting architecture to AWS
Amazon RDSAvailability Zone #2
Auto Scaling group
Amazon EC2
Running
Reporting
Worker #2
Availability Zone #1
Auto Scaling group
Amazon EC2
Running
Reporting
Worker #2
Amazon Redshift
Amazon EC2
Running
Primary
(licensing)
Amazon SNS
Amazon ELB
HTTPS HTTPS
SSLSSL
HTTPHTTP
RD
You should have access to the database
enabled only from the application tier (using
appropriate security group/NACL rules)
Any data that has the potential to contain PHI
should always be encrypted by enabling the
encryption option for your Amazon RDS DB
(see image on left) OR you could use Oracle’s
TDE
For encryption of data in-transit:
MySQL: SSL channel
Oracle: Oracle Native Network encryption
Amazon RDS: Managed SQL Best Practices for HIPAA
Amazon RD
Enable at rest encryption on your Amazon
Redshift cluster.
Customer controls the Cluster Key which
encrypts the database key for the cluster.
Connect to Amazon Redshift using SSL
and set the requre_SSL parameter to true
Amazon Redshift Best Practices for HIPAA
Next steps
• Pilot project on AWS
• Determine the right financial factors to drive a production migration
• Leverage the experience of companies like Caremerge who have
already migrated to AWS
• Use a Healthcare Competency provider like Cloudticity to maximize
your security, value, and chances of success on AWS
Questions?
Cloudticity
Gerry Miller
gerry@cloudticity.com
cloudticity.com
Caremerge
Fahad Aziz
fahad@caremerge.com
caremerge.com
AWS
Christopher Crosbie
ccrosbie@amazon.com
aws.amazon.com