Migrating Your HIPAA Compliant

Healthcare Analytics to AWS

Presented by Christopher Crosbie (Amazon Web Services), Fahad Aziz (Caremerge), and Gerry Miller (Cloudticity)

December 3, 2015

Today’s speakers

Gerry Miller

Founder & CTO

Cloudticity

Fahad Aziz

Co-Founder & CTO

Caremerge

Christopher Crosbie

Partner Architect

AWS

Housekeeping

• Everyone will be muted throughout

• Feel free to submit questions via GoToWebinar chat

• The recording and slide deck will be sent to all webinar participants

after the event

Agenda

• Caremerge

– Migration to AWS

– Analytics on AWS

• Cloudticity

– Healthcare on AWS

• AWS

– Big Data and Analytics architecture on AWS

Care CoordinationC

AR

E

CO

OR

DIN

AT

ION

Bigger Problem with Seniors

Person Centered Care

Network Effect

Infrastructure roadblockHow high can you fly?

Four Major Challenges

Scalability /

Availability

Continuous

Integration

Security Big Data

Big Data

Boundless data in healthcare (patient, conditions, medications, treatments and outcomes)

Ability to access, manage, connect and

understand this data to create actionable insights is critical for improving care and outcomes

Data Points Clinical

Vitals

Medications

Diagnosis

Conditions

Allergies

Assessments

Mood & Behavior

Patterns

Cognitive Behavior

Communication/hea

ring patterns

Vision Patterns

Physical functioning

Continence

Disease Diagnosis

Oral/Nutritional

Status

Activity Patterns

Observations

Falls

Wandering

Depressions

Falls with Injury

Elopement

Depressed

Abusive

Dimension of

Wellness

Physical

Emotional

Environmental

Spiritual

Vocational

Social

Intellectual

Health Services

Nutritional

Devices

Sleep Time

Heart Rate

Blood Pressure

Falls Risk

More…

Basic Health

Height/Weight

Race

Gender

Religion

Veteran

Marital Status

Blood Type

Quality Measures

ACE/ARB

Beta Blocker

Cholesterol Test

Diuretic

HbA1c

Immunization Influenza

Immunization

Pneumonia

Micro albuminuria Test

Spirometry Test

Statin Therapy Test

Tetanus

Care Transitions

Admission Dates

Admission Source

Transition from

Transition to

30 days re-

admission

Observations

Quality Measures

Care Transitions

Clinical

Assessments

Basic Health

Device data

Big Data Components

Storage Computation Business Logic BI Tool

Example # 1

Identify those that are high risk of

re-admission?

Recently discharged from hospital?

Lost weight significantly?

Has at least one chronic illness?

Not sleeping?

Oxygen levels not stable?

Had a fall?

Comparable to other similar cases?

Observations: Mood, Wandering, no talking?

Attending less social events?

Losing appetite?

No family connection recently?

Medication changes?

Medication interactions?

Comparable to other similar cases?

Identify those whose health is

declining?

Example # 2

We are just getting started!

And we need to focus on our

application and big data analytics

and not worry about infrastructure.

Cloudticity Introduction

A whole lot of firsts

• First patient portal on AWS

• First Meaningful Use Stage II attestation on AWS

• First Health Information Exchange on AWS

You can – and should – run your healthcare applications safely,

securely, and cost effectively on Amazon Web Services.

Analytics and the Amazon BAA

AWS BAA Configuration Requirements

Customers must encrypt ePHI in transit and at rest

Customers must use EC2 Dedicated Instances for instances processing, storing, or transmitting ePHI

Customers must record and retain activity related to use of and access to ePHI

HIPAA Eligible Services – AWS BAA Section 4.2

Amazon EC2Elastic Load

Balancing Amazon S3Amazon EBS Amazon Glacier Amazon Redshift

Amazon

DynamoDBAmazon

RDS for

MySQL

Amazon

RDS for

Oracle

Amazon EMR

HIPAA Eligible Services – AWS BAA Section 4.2

Amazon EC2Elastic Load

Balancing Amazon S3Amazon EBS Amazon Glacier Amazon Redshift

Amazon

DynamoDBAmazon

RDS for

MySQL

Amazon

RDS for

Oracle

Amazon EMR

A Reporting Architecture on AWS

Migrating your reporting architecture to AWS

Amazon RDSAvailability Zone #2

Auto Scaling group

Amazon EC2

Running

Reporting

Worker #2

Availability Zone #1

Auto Scaling group

Amazon EC2

Running

Reporting

Worker #2

Amazon Redshift

Amazon EC2

Running

Primary

(licensing)

Amazon SNS

Amazon ELB

HTTPS HTTPS

SSLSSL

HTTPHTTP

RD

You should have access to the database

enabled only from the application tier (using

appropriate security group/NACL rules)

Any data that has the potential to contain PHI

should always be encrypted by enabling the

encryption option for your Amazon RDS DB

(see image on left) OR you could use Oracle’s

TDE

For encryption of data in-transit:

MySQL: SSL channel

Oracle: Oracle Native Network encryption

Amazon RDS: Managed SQL Best Practices for HIPAA

Amazon RD

Enable at rest encryption on your Amazon

Redshift cluster.

Customer controls the Cluster Key which

encrypts the database key for the cluster.

Connect to Amazon Redshift using SSL

and set the requre_SSL parameter to true

Amazon Redshift Best Practices for HIPAA

Next steps

• Pilot project on AWS

• Determine the right financial factors to drive a production migration

• Leverage the experience of companies like Caremerge who have

already migrated to AWS

• Use a Healthcare Competency provider like Cloudticity to maximize

your security, value, and chances of success on AWS

Questions?

Cloudticity

Gerry Miller

gerry@cloudticity.com

cloudticity.com

Caremerge

Fahad Aziz

fahad@caremerge.com

caremerge.com

AWS

Christopher Crosbie

ccrosbie@amazon.com

aws.amazon.com