HIPAA-Compliant Cloud Infrastructure

Lane Health accelerates application development, streamlines business processes, and reduces the total cost of ownership by 60%

Lane Health is a healthcare lending company that helps employees in High Deductible Health plans (HDHP) to cover their healthcare expenses through a unique HSA Advance program, and to manage their HSA contributions. Employees no longer have to defer their healthcare decisions due to high out of pocket expenses since the Lane Health Card with the Heart offers instant credit at the point of sale with no credit checks.

Challenge

Lane Health wanted to innovate faster and more efficiently by migrating their HSA Advance applications to an advanced HIPAA-compliant infrastructure on AWS. Through product migration and augmentation, Lane Health was looking to streamline operations and reduce Total Cost of Ownership while ensuring business continuity during the migration.

Solution

Provectus reviewed HSA Advance current applications, including their business logic and data, to define the infrastructure requirements for HIPAA compliance. A new HIPAA-compliant infrastructure for AWS-based, cloud-native applications was designed and implemented, featuring automated CI/CD pipelines with logging, monitoring, and alerting components.

Outcome

Provectus migrated Lane Health’s HSA Advance applications to a reliable, highly available, and HIPAA-compliant AWS infrastructure, to enable agility, flexibility, cost efficiency, and the security of the AWS cloud. Lane Health reduced Total Cost of Ownership by 60% while ensuring full ownership and stable releases of the product.

60% Reduction in Total Cost of Ownership

HIPAA-compliant Infrastructure on AWS

Full Transparency and Ownership by the Dev Team

#1

image

The Infrastructure and Tech Stack Limit Development Capabilities and Curb Potential for Growth

Lane Health was founded to provide corporate employees with affordable options for paying for healthcare using pre-tax dollars.

By using Lane Health’s HSA Advance program, employees in High Deductible Health Plans (HDHP) who often face financial pressures and obstacles can get an instant line of credit without credit checks, and enjoy predictable repayment terms with tax savings and zero costs to employers. In fact, employers enjoy the savings through this program as they reduce their payroll tax obligations. The program can be managed via a set of dedicated HSA Advance applications for employees, employers, and administrators.

The team at Lane Health wanted to improve the HSA Advance applications by making them more secure, scalable, flexible, reliable, and cost-efficient. They were looking to introduce more advanced technology stack and infrastructure, and to migrate the applications to the AWS cloud. By doing so, the team hoped to gain capabilities to innovate faster while achieving more stable releases, reducing the Total Cost of Ownership, and achieving HIPAA compliance to store PHI data.

Lane Health joined forces with Provectus to migrate its applications to an enterprise-level technology stack and set up an underlying infrastructure in the AWS cloud.

#2

image

Implementing HIPAA Infrastructure, Optimizing for Performance and Cost, and Migrating the Apps to AWS

Provectus reviewed Lane Health’s implementation of the HSA Advance applications to better understand their business logic, external dependencies and data structures, and to assess their compliance level.

The applications were developed on a no-code platform that limited their flexibility while posing ownership and maintenance challenges. They did not have a proper versioning system or database rollback mechanisms, making each new product release a risky endeavor. The applications lacked tools for testing, logging, monitoring, alerting, and database migration and management.

Provectus saw an opportunity to help Lane Health improve its applications.

We designed a reliable, highly available, and HIPAA-compliant AWS infrastructure, which includes a new data platform, CI/CD, logging, monitoring, alerting, and updates of other critical components of the application. The infrastructure and the proposed migration plan were approved by the Lane Health’s team.

Provectus built a HIPAA-compliant infrastructure based on AWS HIPAA Security and Compliance guidelines. The infrastructure met AWS requirements for security, performance, cost efficiency, and reliability. It featured CI/CD pipelines for automated testing; a centralized hub for logging, monitoring, and alerting; ETL pipelines for user enrollment and data quality verification; and microservices to support core business logic and third-party integrations, and to provide the frontend applications with corresponding APIs.

In order to achieve smooth migration and traffic switch to new production workloads, Provectus ensured proper test coverage on each step of the migration. A series of integration, functional, manual, and end-to-end tests were run to ensure applications are working as expected and are on par with legacy applications.

The delivered solution addressed and accounted for various challenges that Lane Health’s team faced with HSA Advance applications.

Thanks to Provectus, new applications are now:

  • ready for a HIPAA compliance audit
  • able to limit engineers’ access to sensitive customer data
  • able to release and roll out new product versions with fewer obstacles
  • utilizing best practices for logging, monitoring, and data backups
  • ensuring greater customer satisfaction from the standpoint of data security, performance, and user experience

#3

image

New Infrastructure Speeds Development, Streamlines Processes, and Helps Improve Customer Satisfaction

Provectus designed and built a reliable, highly available, and HIPAA-compliant infrastructure on AWS, which enabled Lane Health’s engineering team to develop cloud-native applications from scratch, without the limitations of no-code platforms.

The new infrastructure introduced automated CI/CD pipelines, data quality verification pipelines, and required tooling for versioning, automated testing, logging, monitoring, and alerting. The enhancements also made it possible to roll out product updates in just one click.

Although the HSA Advance applications were built from scratch, Provectus ensured that their core business logic did not change as a result of migration, to ensure business continuity. Lane Health’s admins and registered users (i.e. employees and employers) are still able to use the HSA Advance applications in ways they are accustomed to.

The improvements made by the Provectus team make the HSA Advance applications more agile, flexible, scalable, and secure. Lane Health’s engineering team was able to take full ownership of the solution and achieve stable and regular releases.

“The development team of Provectus has helped us build a new generation, scalable, cloud-based architecture in record time”, says Lenny Blyukher, CTO of Lane Health. “By migrating and augmenting the HSA Advance applications, Lane Health has streamlined operations and improved business processes to reduce the Total Cost of Ownership by 60%. Now, we are in the strong position to innovate and improve Lane Health’s healthcare lending solution faster and more efficiently while enjoying better data protection.” The changes make it possible for Lane Health to unlock its full potential and accelerate its future growth in the healthcare lending market.

CONTACT US!

Looking to explore the solution?

  • Hidden
  • Hidden
  • This field is for validation purposes and should be left unchanged.