AWS Partner Network (APN) Blog
InterSystems and the AWS Workload Migration Program: Helping Healthcare Customers Move to the Cloud
By Regilo Souza, Product Owner of Cloud Strategy – InterSystems
 By Ed Lucente, Cloud Partner Alliance Manager – InterSystems
 By Dan Taoka, Partner Solutions Architect – AWS ISV Workload Migration Program
 By Maliha Mustafa, Partner Development Specialist – AWS ISV Workload Migration Program
|  | 
| InterSystems | 
|  | 
The integration of healthcare transactions and processes and the monitoring of applications has become increasingly vital for healthcare organizations. InterSystems, an AWS ISV Partner, provides multiple solutions for these organizations that range from small clinics to some of the largest healthcare delivery systems in the world.
With InterSystems, customers can manage their own platform in a data center or can choose to migrate and/or run their platform on the cloud and offload the management of the infrastructure to InterSystems. For the latter, InterSystems offers InterSystems HealthShare Health Connect Cloud, a healthcare integration engine designed to improve customers’ agility and reduce the cost of managing their healthcare systems.
Health Connect Cloud delivers high-volume transaction support, process management, and monitoring to support healthcare organizations’ mission-critical applications. Health Connect Cloud is a Platform as a Service (PaaS) offering that is delivered and managed by InterSystems in a dedicated Health Connect instance on AWS. Each customer gets a dedicated AWS Virtual Private Cloud (VPC) to ensure data is completely isolated from other customer data.
In this post, we will dive deep into InterSystems’ enrollment in the AWS ISV Workload Migration Program (WMP) as well as the architecture of their Health Connect Cloud offering to help readers explore the benefits of migrating their healthcare applications to the cloud.
Streamlining Success with the AWS ISV Workload Migration Program
To ensure that Health Connect Cloud operates as efficiently as possible, InterSystems joined the AWS ISV Workload Migration Program (WMP).
The AWS WMP is an AWS Partner Network (APN) benefit designed to help independent software vendors (ISVs) create or validate their automated cloud migration processes. The program provides technical enablement assistance, funding, and go-to-market support for partners, allowing them to develop and market scalable and repeatable migration strategies.
With these program benefits, InterSystems can adopt SaaS products and offerings faster, expanding their cloud practice and providing customers with faster time-to-value and optimized migrations.
The InterSystems, AWS, and AWS WMP teams worked closely to architect Health Connect Cloud to meet AWS best practices as defined by the AWS Well-Architected Framework. As part of this process, the teams reviewed the Health Connect Cloud architecture and platform to address security, reliability, and operational risks.
The WMP Partner Solutions Architect (PSA) and InterSystems teams also held a migration workshop to dive deep into the migration process for InterSystems customers moving from their on-premises data centers into Health Connect Cloud. The InterSystems engineering and development teams worked hard to make the process of migrating to the cloud as seamless as possible for their customers.
InterSystems is now working with the WMP teams to leverage the other benefits of the program to scale out the migration of customers onto Health Connect Cloud.
Health Connect Cloud: Designed with Customers in Mind
InterSystems architected Health Connect Cloud to optimally leverage the cloud to help their customers realize improved availability and security while reducing system maintenance and operational overhead. By default, the infrastructure is deployed across multiple AWS Availability Zones (AZs) to provide resiliency, and encrypted data is replicated across AZs to enable automatic failover if necessary. Customers can also replicate their data to a different AWS Region to provide additional resiliency if necessary.
There are three ways to connect to the Health Connect Cloud infrastructure:
- InterSystems administrative users connect to the AWS Systems Manager to manage the underlying infrastructure of the Health Connect Cloud architecture.
 .
- Health Connect customers connect to the Health Connect Cloud system through an AWS Application Load Balancer via the internet, which then routes the traffic to a web gateway instance in a public subnet. Connectivity to the underlying data, which is stored in private subnets, is then limited to authenticated web sessions.
 .
- Connectivity from outside systems, which feed data into Health Connect Cloud, happens via virtual private network (AWS VPN) Gateways. Data is then stored in the underlying Health Connect Cloud database, enabling guaranteed message delivery and a complete audit trail of all messages.
Customers are also provided three environments (Development, Testing, and Live) to test changes and then deploy them using a standardized change control system.
Simplifying VPN Connections with Network Connect
Quickly and securely connecting systems to the cloud can often be a complex and time-consuming challenge for healthcare organizations, and Health Connect Cloud customers are no exception. Recognizing this challenge, the InterSystems team developed and implemented a self-service portal that allows customers to connect their outside systems to Health Connect Cloud.
With Health Connect Cloud – Network Connect, InterSystems customers can more quickly and easily set up VPN connections to allow them to work with the Health Connect Cloud platform.
Through the self-service portal, customers designate the type of connection they need and then download a configuration file that can be used to automatically set up the VPN connection to Health Connect Cloud. Once the connection has been set up, Network Connect manages connectivity to any of the three environments based on the permissions that are set for each of the connections.
Network Connect allows customers to reduce the time it takes to set up VPN connectivity from one week to only 15 minutes.
In addition, after migrating to Health Connect Cloud, connections from both internal and external systems can be set to route traffic directly to the cloud, without the need to go through a data center. This allows customers to reduce the number of hops that the data needs to make and decreases the bandwidth to and from the data center.
Customers can set up a maximum of 5,000 connections to the network gateway with transfer speeds up to 50 Gbps. In addition, on-premises VPN connections are typically only one tunnel, but VPN connections on AWS are two tunnels by default, providing resiliency in the rare case a VPN connection fails or when AWS performs routine VPN maintenance.
Why Migrate Your Healthcare Services to the Cloud?
There are five primary benefits for customers running Health Connect Cloud on AWS: high availability, secure network connectivity, data security, reduced maintenance and operational overhead, and platform support.
High availability
- Global AWS Regions help ensure that both the application and data are stored near the customer.
- Mirroring databases across multiple AZs allows for increased resiliency and automatic failover.
- Disaster recovery sites can be set up in any region, and critical data can be recovered within minutes
Secure network connectivity
- Dedicated Amazon Virtual Private Cloud (VPC) and Amazon Elastic Compute Cloud (EC2) instances support data isolation.
- A self-service portal allows customers to securely connect to and from their data center to the Health Connect Cloud environment on AWS.
Data security
- Sensitive data is protected as it is encrypted in-flight using Secure Socket Layer (SSL)/Transport Layer Security (TLS) encryption or through a customer-managed Internet Protocol Security (IPSec) VPN Gateway to and from Health Connect Cloud instances.
- Data is encrypted at rest within the Health Connect Cloud database and journal to help maintain confidentiality.
Reduced maintenance and operational overhead
- InterSystems deploys out and manages the infrastructure in AWS, reducing the need for specialized customer knowledge.
- Ongoing development is controlled through Git and goes through a standardized testing and deployment process. Customers use development, testing, and live environments to properly test and implement changes.
- Integrated monitoring of the platform supports constant visibility into Health Connect Cloud.
- Transparent platform scaling helps optimize performance.
Support
- Proactive monitoring of the system allows customers to catch potential problems early.
- The InterSystems Service Desk is available around-the-clock to provide support if an issue arises.
Summary
In an increasingly interconnected world, many healthcare organizations are considering moving to the cloud to help increase their agility, reduce costs, and more efficiently and securely manage transactions and processes.
InterSystems’ Health Connect Cloud platform-as-a-service leverages AWS and the AWS ISV Workload Migration Program to provide more scalable and streamlined cloud migrations for healthcare organizations.
Using Health Connect Cloud, customers can realize increased availability, more secure network connectivity, enhanced data security, reduced maintenance and operational overhead, and improved platform support.
Learn how Northwest London Integrated Care System (ICS) migrated to Health Connect Cloud to help accelerate their digital transformation and improve patient care.
InterSystems – AWS Partner Spotlight
InterSystems is an AWS ISV Partner that provides multiple solutions for these organizations that range from small clinics to some of the largest healthcare delivery systems in the world.
