Top 3 Cloud Compliance Takeaways from AWS re:Invent
Vice President of Marketing
Our team attended AWS re:Invent 2019 in Las Vegas that spanned across four (long) days from December 2-6. As usual, it was a tremendous event with over 60,000 attendees, making it the biggest AWS event to date. Andy Jasse, CEO of Amazon Web Services, noted on Twitter this is their favorite week of the year, and anyone in attendance would see why. There is so much to see and do, so much to engage with and learn from, and so many physical locations that it can be hard to take it all in. To recap our time at the conference, here’s a breakdown of key things we noted:
1. Lots of new services, but a maturity gap exists
AWS continues to release new services with a wide range of functionality–notably Amazon Transcribe Medical getting the most attention. It’s an exciting time to be working with them! However, for those in highly regulated spaces, like healthcare, there is a wide chasm to cross from an operational, legal, and regulatory perspective. These new HIPAA-eligible services are great building blocks for digital health vendors but using them still demands complicated security and compliance efforts. This is a natural evolution, and it was clear through numerous conversations that associating these services with a cloud compliance Managed Service Provider (MSP) is necessary to unlock their potential in a compliant manner. On the show floor, HITRUST certification was the most frequently mentioned certification framework our team heard from prospects.
2. Microservices can drive innovation
As noted above, the proliferation of new microservices continues at a breathtaking pace. This provides continual opportunity for new innovation. As the industry continues to move away from monolithic architecture – a move enabled by the robust microservice offerings – there is more opportunity to build at the speed of innovation. It is easier to scale up/down and to try different approaches in this environment. Vendors are enjoying the flexibility these services offer to their development efforts and are looking for the same from their compliance partners. No longer are digital health vendors willing to accept rigid offerings from MSPs. Instead, they seek flexible offerings that are commensurate with their AWS infrastructure. They demand the flexibility to control what the need to, while leaving compliance to their MSP partners.
3. It is always easier starting fresh
While innovation opportunities abound with AWS services, the difficulty of managing a fragmented infrastructure remains very real. For those managing varied deployment models (on-premises, hybrid, etc.) there is great difficulty in transitioning and scaling. When trying to solve for the future using the past’s infrastructure and deployment models, it can be incredibly difficult to move forward with the desired speed. This is a reality that will continue to exist for many larger vendors who have invested many resources in their existing model. Transitioning to the new world is difficult – but an opportunity for digital health vendors to seek out integration and compliance expertise from those who have helped others manage this very same challenge.
We had a blast at AWS re:Invent and hope our team had the chance to meet you in person! If not, and you’d like to learn more about how Datica can help you achieve your cloud compliance needs, please let us know – we would love to hear from you at hello@datica.com.