The Challenge:
The provisions of the Health Insurance Portability and Accountability Act (HIPAA) require that medical practitioners and their business associates (hospitals, insurance companies, testing centers, etc.) protect patients’ health information from unauthorized disclosure. Such Protected Health Information (PHI) include medical histories, test and laboratory results, prescriptions, insurance and billing information, and other healthcare-related data.
Given Firstday Healthcare’s critical role in facilitating post-NICU neonatal care, it is inevitable that protecting PHI from involuntary access is their major requirement. Firstday Healthcare chose Ibexlabs to ensure that access and exchange of PHI between parents and their neonatal care providers using their app did not violate the security and privacy provisions of HIPAA. Also, they wanted a secure and scalable cloud-based infrastructure that was resilient to cyber threats.
Keen to Learn more?
To create a HIPAA-complaint, cloud-based solution with protected PHI, the Ibexlabs solution uses several Amazon Web Services, working in tandem.
- AWS CloudWatch: Audits, monitors and troubleshoots all Firstday Healthcare applications
- AWS CloudTrail: Tracks every user activity and API usage (i.e., who did what, when)
- AWS Simple Storage Service (S3): Stores these logs as event trails, and makes them available for viewing, download, analysis and remedial actions should unusual activities be detected.
- Amazon GuardDuty: For proactive threat detection, and to monitor the AWS CloudTrail and DNS logs of Firstday Healthcare’s entire deployment for unusual network and account activities
