HIPAA-Compliant AWS Cloud-Based Endoscopy Solution for a US-Based Healthcare Solution Provider
Overview
The client, Endoluxe, is a US-based healthcare company specializing in innovative healthcare solutions and platforms for endoscopic procedures. They sought to improve data privacy and implement secure access controls for critical data. ACL Digital supported the client by transitioning their current solution to a HIPAA-compliant, cloud-based environment with reliable media storage.
Challenges
- Lack of a cloud-based environment to ensure scalability and flexibility
- Insufficient secure access for sensitive medical information
Solution
- Migrated patient data from AWS EC2-hosted MongoDB to AWS RDS (PostgreSQL) within a HIPAA-compliant AWS RDS service
- Enhanced the RESTful APIs by adding a token-based security layer for data transfer from S3 to the web portal
- Designed a secure and time-limited access mechanism for end-users to retrieve files (images/videos) through AWS S3 using pre-signed URLs
- Prevented data breaches by turning off visual search & metadata collection through browser development tools
- Enhanced overall system security by implementing encryption at rest for data transfer, token-based API access, and more
- Designed & implemented a disaster recovery plan to ensure data backups, preventing any potential data loss
Outcomes
- Accelerated time-to-market by delivering a HIPAA-compliant, end-user-ready product, enabling the client to enter the US market swiftly