A large, multi-national shipping company was launching a refresh of an application for the US Postal Service. The application is a secure mail application that, while not technically covered under HIPAA regulations, may contain personal information such as social security numbers, personal health information, and other confidential user data. The shipping company wanted to ensure that it’s existing AWS environments met HIPAA standards, as well as other standards around performance, security, and cost.
Challenges
- Desire to meet HIPAA compliance
- Sprawling AWS environment with many stakeholders, infrastructure teams, and databases
- After several years of use, there were concerns that their AWS environment had “drifted” from AWS best practices around secuity and performance
Solutions
- Logicworks conducted a full AWS Well-Architected Review and Compliance Assessment
- Review covered network design, security, operational management, ongoing responsibilities and DevOps automation
- Compliance Asssessment graded their security controls against HIPAA standards, including encyption, authentication, user access, administrative controls, patching, backup retention, and more
- Logicworks delivered results as comprehensive report, along with training and remediation next steps
Results
As a result of Logicworks’ Well-Architected Review, the company uncovered more than two dozen issues to remediate in order to achieve HIPAA compliance. Logicworks ranked remediation items by criticality and gave very specific advice on how to implement changes, which allowed their internal teams to quickly and effeciently implement changes. Overall, the review and gave the company the confidence that their compliance concerns were addressed and prepared for future scale.
Logicworks is a leading provider of cloud services with over 400+ successful projects. Contact us today to learn how we can transform your cloud!
