Case study Situation You are the CIO of BigPharma Healthcare. The ICT landscape of BigPhrama Healthcare is their on-premise system that captures, manages Electronic health record (EHR) and Medical Imaging (EMR) that stores data in a structured format. EMR or electronic medical records means the digital version of the patient chart having information stored on the computer system. Thus every paper of the patient such as his medical history, lab tests, diagnoses etc is stored in the system rather than in the form of bulky paper files. While this works well within a practice, but these are limited because these can't go outside of the premises of the organization. EHR or electronic health records are digital health information of the person. It contains much more than what is already included in EMR. EHRs include vital signs, past medical history, diagnoses, progress notes, medications, allergies, lab data, immunization dates, and imaging reports. This information can travel outside the premises of the organization as well. The information stored is also shared with external health care providers. Healthcare Industry is heavily regulated; HIPAA or Health Insurance Portability and Accountability Act protects Patient Health Information (PHI) to keep the data private and secure Desired Outcome Part 1 Part 2 Part 3 BigPharma Healthcare strives to improve care and efficiency of reports to ensure treatment decisions are faster. They also want to focus on collaboration, innovation, lower total costs and derive insights faster. The Business has decided that it's time to move to the Cloud as it wants to provide a O secure, reliable, highly available and operationally cost effective way to manage the workloads. O O Redefine the architecture with a 3-tier approach to overcome the performance and scalability issue. Remember: Everything Fails all the time, so keep the architecture loosely-coupled Use a phased approach before attempting to solve the challenge O O decision Migrate & Modernize by ensuring all 6 pillars of WAF are covered https://aws.amazon.com/architecture/well-architected, especially security, performance and cost optimization are considered important Ensure security for both Data at rest and in transit at different layers O Focus on Security specific pointers when discussing about migration to mitigate: O Lack of Cloud security architecture and strategy (don't assume Lift and Shift will work) Cloud storage data exfiltration O O O O O Disaster Recovery planning to ensure the business meets its required RTO/RPO O Assess the current architecture and identify any (in)security in the design. Evaluate the business needs based on specific insights you learnt from the assessment: Follow the 7R's https://docs.aws.amazon.com/prescriptive- guidance/latest/migration-retiring-applications/overview.html for this O O O Accidental Cloud data disclosure Can you use managed security services within the Cloud rather than building a bespoke solution Ensure the Business is complaint to HIPAA Do you have a Dev-Test environment to conduct Blue-Green, Canary testing when you update / upgrade applications. How are Back-ups planned and maintained across different layers For this exercise, you can define the RTO / RPO and design the DR accordingly (usually mission critical application has both under 15 mins ; Business critical applications have RTO - 2 Hrs and RPO - 4 Hrs) Think how you can be notified when alarms / thresholds exceed before disaster strikes. Can you use multi-zone, multi-region approach for this design to reduce impact?