GDPR-compliant and highly available Public Cloud for improved medical care
OVHcloud and iATROS
20% cost savings compared with the former infrastructure
Significantly reduced latency independent of the data centre's location
Highest data protection standards for full compliance with European and national regulations
A modern e-health solution for improved cardiac patient care using an app
In 2019, cardiac specialist Prof. Dr. Alexander Leber, telemedicine specialist Dr Georges von Degenfeld and E-health entrepreneur Patrick Palacin founded the Digital Cardiac Centre iATROS, to allow cardiac patients to receive optimal medical care independently of location and time and to minimise any uncertainties in dealing with the disease. Together with experienced doctors and health experts, the company supervises people with cardiovascular diseases such as atrial fibrillation, high blood pressure, coronary heart disease and heart failure.
Using sensors – which may be inserted into the patient's smartwatch – vital parameters such as blood pressure, heart rate and pulse are measured regularly and automatically transferred to the iATROS app. With the aid of AI-supported analysis, iATROS can detect irregularities or abnormalities at an early stage and quickly provide treatment in line with guidelines. In the event that patients have any uncertainties or questions, they can make an appointment with one of the iATROS telemedics at any time. Furthermore, as a certified medical product, the health app offers its patients individual digital health programmes with sports and nutrition coaching, digital therapy plans and medication reminders. The digital health programmes support patients in independently preventing serious outcomes, provide security and ultimately improve their quality of life.
While iATROS relies on an experienced team of cardiologists, telemedicine specialists and other specialists for its medical expertise, the company primarily uses open source solutions for its IT infrastructure. The central backend system is based on specially-developed microservices, database systems and artificial intelligence. In the frontend, patients can measure vital parameters and track sport units or medication intake using the iATROS app. The solution is hosted in the cloud.
Using partnerships with clinics, pharmaceutical experts and health insurance companies, around 120,000 patients now have access to the Digital Heart Centre iATROS, which has already recorded and analysed a total of over ten million health values in order to ensure happy and healthy patients, with quicker diagnoses along with targeted therapy management.
A powerful infrastructure for the highest standards of data protection and data security
The company, which has used open source solutions and a personally-developed technology stack from the outset, initially used the cloud computing platform of a large US hyperscaler. However, it quickly became clear that the provider was not able to comprehensively fulfil the high demands of iATROS in many respects. Especially on the topic of data protection, the infrastructure that was used left questions open when it came to reliable compliance with the General Data Protection Regulation (GDPR) and the Digital Health Applications Regulation (DiGAV). Medical devices are subject to especially high requirements for the protection of patient data, which iATROS must be able to rely on at all times. Especially during the start-up phase of an e-health product, young companies require a reliable partner to help them build a suitable, secure and legally compliant backend, while at the same time providing the performance needed to meet rapidly-growing demand.
In addition, iATROS is committed to ensuring that all data - especially sensitive, personal data - is hosted exclusively in a private infrastructure within the European Union to reliably prevent access by unauthorised third parties.
The support provided by the previous cloud provider and its price-performance ratio also fell short of the iATROS team's expectations. It was therefore decided to select an alternative provider that could meet these criteria while offering high performance and resilience through mirroring in a geographically separated data centre.
A secure private network in the public cloud
iATROS opted for a cloud infrastructure and services from OVHcloud in order to meet its own high demands and to have a reliable partner at its side in critical matters who, as a European provider, has internalised the requirements for data protection and data security in the European market and operates several data centres within the EU in its own network.
The Digital Heart Centre uses the Public Cloud range from OVHcloud in conjunction with other cloud networking solutions and services from the leading European cloud provider. Within a private network that iATROS was able to build in the cloud infrastructure of OVHcloud, the core of the infrastructure consists of two private Kubernetes clusters that perform different tasks and are hosted in geographically-separated data centres. Certifications such as ISO/IEC 27001, 27017, 27018 and 27701 ensure information security and data protection management systems that manage risks, weak points and business continuity and guarantee data protection. OVHcloud therefore ensures that all relevant compliance requirements are met and that health data can also be hosted securely. The private network in the public cloud is based on the vRack technology developed by OVHcloud, which can be used to extend the private network between different data centres. This allows servers across data centre locations to communicate with one another using an isolated, private communication channel.
The main cluster hosts the various components of the product, which are provided as microservices based on Docker. Within this cluster are also the database servers, which are also provided as Docker images and use a partition on the Cinder storage for the data directory. All traffic between the individual services and the database instances takes place within this server cluster. Furthermore, some of the services used such as Machine-Learning-as-a-Service provide a REST API or a WebSocket interface that can be controlled externally using the Terra Load Balancer. This acts as a gateway between the public addressing and the private network. The SSL connection is terminated directly in the application server.
The second - geographically separated - cluster hosts additional tools such as Sentry and Matomo, which monitor the performance and availability of the individual services in the main cluster. To ensure high availability of the infrastructure, both clusters are fully mirrored in each other's data centre in order to be able to react promptly in the event of a failure at one of the two locations. In this case, the non-impaired data centre takes over the hosting of both clusters. All that is needed is an adjustment in the DNS entry.
iATROS also uses Block Storage and Object Storage from OVHcloud, which are designed for professional use and guarantee complete reversibility. If storage requirements increase, additional hard disks can also be added to the block storage during operation to increase the capacity within the cluster. With object storage, the data is replicated within the clusters and therefore threefold on different servers and hard disks. Using the API, the object store can be integrated into the application to better enable automations. This integration is further simplified by OpenStack Swift and S3 libraries.
“OVHcloud has provided us with a great deal of support in setting up our solution in compliance with the GDPR and solving technical performance bottlenecks, especially in the initial phase. Deployment in particular was noticeably easier for us than before”.
Patrick Palacin, Founder and CDO at iATROS
When building the iATROS infrastructure, the company benefited from the use of newer Kubernetes releases at OVHcloud as well as the comparatively simple connection to the Databank services. These designed the deployment in an especially straightforward way. Another plus point in setting up the solution was that several settings were already designed from the ground up for maximum protection requirements - and were therefore ideally suited to hosting health data.
Safe, highly available and affordable
The move from the US hyperscaler to OVHcloud quickly demonstrated positive effects. With the products and services of the cloud provider now in use, the resource requirements on the part of iATROS have been reduced by around 20 percent - and the cost savings are just as high compared to the infrastructure used previously. At the same time, the performance is at the highest level: Latency has also been significantly reduced compared to before - regardless of the distance between user and data centre location.
Meanwhile, users can rest assured that their data - especially the particularly sensitive health data - is always comprehensively protected in the cloud according to the highest standards. The high priority that the topic of data protection, including the corresponding certifications, has held at OVHcloud as a European provider since the company was founded, guarantees an all-round DSGVO and DiGAV-compliant handling of information that excludes unauthorised access by third parties. All patient data is hosted and processed exclusively within the European Union. The infrastructure's set-up with two server clusters in geographically separate data centres and the mirroring of the clusters ensures maximum availability.
The professional support from the provider is also a major bonus for iATROS. When minor technical challenges arose following the switch to the new private load balancers and vRack technology, OVHcloud support was on hand to help the iATROS team.
“At OVHcloud, we receive outstanding support. This applied to the switchover just as much as to the ongoing operation of our infrastructure in the cloud. Despite us being a smaller company, we and our concerns are taken seriously at all times and solutions are worked on at full speed”.
Patrick Palacin, Founder and CDO at iATROS