EHR Healthcare Case Study

Non-italicised points represent notes taken from Google’s official case study documentation, with keywords highlighted in bold. Points in italics represent additional insights and possible solutions.

Overview

• Leading provider of electronic health record software:
  • Large company
  • Many customers
  • Compliance important
• Provide SaaS to multinational medical offices, hospitals, and insurance providers:
  • Regulations:
    • Google Cloud is HIPAA compliant
    • Need to protect PII data
  • Multi-national:
    • Even more compliance
    • Multi-regional deployments
• Growing rapidly:
  • Need to scale
  • Autoscaling Groups
  • Kubernetes autoscaling (pods, node pools)
• DR plan required
• Need to update continuous deployment processes:
  • Update software faster
  • CI/CD
• Google Cloud to replace existing colocation facilities

Existing Environment

• Lease on DC about to expire
• Web-based customer-facing applications
  • Many already containerized to run on Kubernetes:
    • Kubernetes Engine
    • GKE Enterprise for hybrid-cloud use cases, and to manage multiple clusters centrally
    • Google Container Registry
• SQL and noSQL DBs:
  • MySQL
    • Lift/shift to Cloud SQL
  • MS SQL Server
    • Lift/shift to Cloud SQL
    • Provision specific version in Compute Engine (if not available in Cloud SQL)
  • Redis
    • Lift/shift to Memorystore
    • Deploy Redis Enterprise from marketplace
  • MongoDB
    • ETL to Cloud Firestore
    • Deploy MongoDB Atlas from marketplace
    • Manual build on GCE/GKE
• Legacy file and API integrations with insurance providers on-prem:
  • Scheduled to be replaced, but no immediate plans to move or upgrade
    • Requires secure connectivity between cloud and on-prem
    • VPN, Partner/Dedicated Interconnect
• Users managed in MS Active Directory:
  • Google Cloud Directory Sync (GCDS)
    • One-way sync of users and groups
• Monitoring:
  • Currently using open source tools
    • Move to Google Cloud Operations Suite
  • Alerts via email often ignored
    • Reduce frequency
    • Move from email to SMS, Slack, PagerDuty, Pub/Sub etc.
    • Alerting policies

Business Requirements

• Onboard new insurance providers as quickly as possible:
  • Common APIs
  • API management - Apigee
  • SaaS admin portal
    • Deploy to App Engine or Cloud Run (preferred due to containers) if traffic low
• 99.9% availability for customer-facing applications:
  • Multi-zonal / regional resources
• Centralized visibility of applications, with proactive monitoring and alerting:
  • Google Cloud Operations
  • Central logging/monitoring project for all subprojects
• Gain insights into healthcare trends:
  • Vertex AI
  • BigQuery
  • BigQuery BI
  • Looker
• Reduce latency to end users:
  • Premium network tier
  • Multi-zonal / regional resources
  • Anthos to place clusters in multiple-regions—Multi Cluster Ingress
  • Global load balancing
  • Cloud CDN
• Ensure compliance:
  • HIPAA
  • Audit logging
• Decrease infrastructure admin costs:
  • Use managed services wherever possible
  • Automate using IaC
• Predictions and reports on industry trends:
  • AI/ML
  • BigQuery ML
  • Reports with Looker Studio
  • AI Platform / Vertex AI

Technical Requirements

• Maintain legacy interfaces to existing insurance providers
  • VPN or Partner/Dedicated interconnect
• Consistent way to manage containerized apps
  • Anthos
  • Cloud Run and Cloud Run for Anthos
  • Google Container Registry
• Secure and high performance interface between Google Cloud and on-prem
  • VPN or Partner/Dedicated interconnect
• Logging, log retention, monitoring, alerting
  • Cloud Operations
  • Long term retention, use GCS or BigQuery as a sink
• Manage multiple container-based environments
  • Anthos
  • Centralized DevOps project
    • Host GCR and Cloud Build
  • Same container image for each environment
• Create interfaces to ingest and process data from new providers
  • APIs: Apigee
  • Pub/Sub
  • Dataproc
  • Dataflow

Executive Statement

• Currently, expensive (time, money):
  • Training team to manage disparate systems
  • Multiple environments
    • CapEx and OpEx too high
    • Consolidate to common platform e.g. Anthos
    • Use managed services where possible
• Outages caused by:
  • Misconfigurations
    • Automate where possible—CI/CD
    • Infrastructure as code e.g. Terraform
    • Kubernetes—roll-back unstable releases
    • Anthos Config Management for guardrails and best practice policies across all clusters
  • Inadequate capacity
    • Autoscaling
  • Inconsistent monitoring
    • Consolidate onto Google Cloud Operations

Potential Solution Design

References

• EHR Healthcare case study overview