How Fachklinikum Mainschleife Migrated Its Hospital Infrastructure to AWS

Fachklinikum Mainschleife is a private hospital based in Volkach, Bavaria, Germany. It both provides general medical care and specializes in several areas, including sports surgery, pediatric orthopedics, trauma surgery, and physical therapy. When the hospital needed a cost-effective replacement for its infrastructure, it turned to Oberender. “One of the main motivations for this project was economic,” says Rolf Grube, senior manager at Oberender. “We calculated different models for Fachklinikum Mainschleife, and the most cost-effective option was the cloud. Then, we discussed data security and privacy and how we can establish these guardrails in the cloud.”

For hospitals, the stakes are high when it concerns technology. Fachklinikum Mainschleife’s IT system plays a crucial role in patient care, and any disruption or breach of privacy could have serious consequences. The hospital chose to migrate all its infrastructure to AWS. “The customer needs to configure only certain elements,” says Florian Wanner, managing director of Kite Consult. “This shared responsibility model removes a lot of the complexity regarding compliance.”

Together, Fachklinikum Mainschleife, Oberender, and Kite Consult worked to migrate all of the hospital’s infrastructure to AWS. The teams completely rebuilt 30 applications and workloads to run on AWS powered by instances on Amazon Elastic Compute Cloud (Amazon EC2), which provides secure and resizable compute capacity for virtually any workload, and Amazon Relational Database Service (Amazon RDS), a collection of managed services that makes it simple to set up, operate, and scale databases configured in the cloud. At the same time, they configured infrastructure elements to comply with region- and country-specific regulations. The migration project was completed in 12 months, beating the original 18-month time frame.

As part of the migration, Fachklinikum Mainschleife adopted a new electronic health record (EHR) system called CLINIXX from software vendor AMC. The teams successfully migrated the historical patient data that was running on a third-party hospital information system into a data lake on Amazon Simple Storage Service (Amazon S3), an object storage service offering industry-leading scalability, data availability, security, and performance. “We used AWS serverless blueprints to create a solution to store the health information from the EHR and make that data accessible to clinics,” says Wanner. “This project involved not only migrating applications to AWS but also changing how certain processes were digitized.” By adopting Amazon S3, Fachklinikum Mainschleife expects to reduce its storage costs by 10 times.

Amazon DynamoDB, a fully managed, serverless, key-value NoSQL database, serves as the database layer for the hospital’s infrastructure. To facilitate access to the data indexed on Amazon DynamoDB, Fachklinikum Mainschleife relies on Amazon OpenSearch Service, which securely unlocks near-real-time search, monitoring, and analysis of business and operational data. The hospital now hosts over 10 TB of patient and medical data on AWS.

The Oberender and Kite Consult teams implemented several AWS services to improve the security of the hospital’s cloud infrastructure. For example, AWS Key Management Service (AWS KMS) is designed to let organizations create, manage, and control cryptographic keys across applications and AWS services and encrypt data at rest and in transit. The hospital has also adopted Amazon GuardDuty, a threat detection service that continuously monitors AWS accounts and workloads for malicious activity, and AWS CloudTrail, which monitors and records account activity across AWS infrastructure, to identify potential vulnerabilities and keep its IT estate secure.

Using AWS KMS rules with customer-managed keys, Fachklinikum Mainschleife can limit incoming decryption requests to authorized users in Germany, meeting data residency regulations. The landing zone is integrated with guardrails that help enforce the hospital’s security policies. If someone attempts to bypass or ignore the implemented security measures, the system will send an alert. The hospital also set up autoremediation functions on AWS Lambda—a serverless, event-driven compute service—that automatically address and fix any bugs that might arise.

Not only was Fachklinikum Mainschleife able to meet its compliance requirements by adopting AWS services, but it has also saved significant costs. “We actually investigated how much it would cost to perform encryption on premises,” says Wanner. “Using AWS KMS, it costs only €3–4 per month. If we had implemented the service on our own, it would involve a €70,000–80,000 investment, plus operational costs.”

Because all patient records are digitized in the cloud, hospital staff are no longer burdened with the task of consolidating or managing paper documents, saving approximately half a day’s work. With centralized access to patient data in the cloud, doctors can retrieve critical information on demand instead of searching for it manually. They can now make faster, better-informed decisions to support high-quality patient care. “On AWS, we are raising the standard for a specialized hospital to meet the level of larger entities,” says Wanner. “Fachklinikum Mainschleife can access a lot of the benefits that are normally only seen in larger hospitals and healthcare networks.”

Through this initiative, Fachklinikum Mainschleife became the first hospital in Germany to run its infrastructure entirely in the cloud. This initiative demonstrates the hospital’s commitment to innovation and enhanced patient care and serves as a model for other hospitals seeking to improve their IT infrastructure.

Fachklinikum Mainschleife is a private hospital located in Volkach, Bavaria, Germany. It provides basic medical care and specializes in several areas, including sports surgery, pediatric orthopedics, trauma surgery, and more.