Healthcare Blocks on AWS
Managed Cloud Solution for Healthcare and Life Sciences
Healthcare Blocks on AWS is a managed environment within Amazon Web Services (AWS), aligned with modern cloud security standards and compliant with HIPAA, NIST CSF, and more. Teams have direct access to the AWS Console and can utilize over 150 “HIPAA eligible” compute, storage, and AI services. Our team handles incident detection/response and provides exceptional technical support.
FEATURES AT A GLANCE
- HIPAA Compliant Foundation
Healthcare Blocks provides an AWS account that is configured and validated against security frameworks such as the CIS AWS Foundations Benchmark and NIST Cybersecurity Framework. Essential AWS core services are enabled to support auditing, data protection, and cloud security requirements, which are scored and summarized in the Security Hub dashboard.
- Platform Engineering On Demand
Specify your operational requirements, including system performance, availability, and budget, and Healthcare Blocks provides a solution that enables your team to deploy applications without having to deal with the intricacies of the underlying platform and infrastructure. Terraform infrastructure-as-code modules developed by Healthcare Blocks are also available.
- Auditing, Monitoring, and Alerts
Healthcare Blocks leverages AWS services such as CloudTrail to track account activity and changes to service configurations that impact your organization’s security posture. CloudWatch monitors system uptime and resource utilization, and a “single pane of glass” ops dashboard is included. Subscribe to alerts to get notified via email, Slack, or Teams.
- Databases through Data Lakes
Healthcare Blocks provisions relational databases such as MySQL and PostgreSQL via Amazon RDS, ensuring database-as-a-service configurations comply with HIPAA requirements, leveraging encryption-at-rest, audit logging, data replication, and automated recovery. For more complex data storage, processing, and analytics use cases, Healthcare Blocks supports AWS services such as HealthLake and Redshift.
- Resiliency and Disaster Recovery
Healthcare Blocks configures AWS platform features to meet your uptime requirements. Production environments include systems redundancy across multiple data centers within a single geographic region by default. Healthcare Blocks also supports multi-region service architectures to satisfy more stringent disaster recovery requirements.
- Intrusion Protection and Detection
Healthcare Blocks configures and manages the Web Application Firewall (WAF) service to protect your applications against intrusions, fine-tuning rules to eliminate false positives. GuardDuty continuously monitors the cloud environment for malicious activity. Its findings are analyzed and remediated by Healthcare Blocks. Inspector scans virtual machines and container images for common vulnerabilities. Network traffic is filtered through Virtual Private Cloud firewall rules.
- Security-Hardened Virtual Machines
EC2 virtual machines are based on an image conforming with the CIS Benchmark for Ubuntu and include file integrity monitoring, malware scans, and patching by a centralized AWS service.
- Logs Collection and Storage
Logs are collected from managed AWS services, virtual machines, and containers and are stored in CloudWatch Logs, which provides a rich UI for browsing and filtering interesting events.
- Monthly Risk Assessments
Healthcare Blocks provides a monthly report that summarizes key findings and recommended remediation actions to keep your AWS environment compliant and secure.