Skip to main content

View Diary: A Software Engineer's take on Healthcare.gov (145 comments)

Comment Preferences

  •  They can not do that. (2+ / 0-)
    Recommended by:
    Kristjan Wager, Oh Mary Oh

    The databases have personally identifiable information that is protected by law (HIPAA), requires very high security so can not be shared, and so can not be put on the Amazon cloud.  Your utterly simplistic solution does not meet legal requirements.  It's so nice that you took 30 seconds to come up with it, though.

    •  Yes they can (0+ / 0-)

      As SysAdmin, I sign off on HIPAA regs which keep the medical networks I design, go-live and manage in compliance. My most complex medical cloud has just been granted PCMH certification. No security shortcuts getting there.

      My designs are based on PaaS. I privately host using Microsoft Azure guidelines. Private hosting means I can run an established PaaS as the infrastructure of a enterprise, while guaranteeing public/private LAN/WAN segmentation.

      There is nothing in the current guidelines which preclude hosting in a private cloud structure. Private clouds using PaaS are inherently no less secure than 1990's style bandwidth heavy server-side solutions.

      Likewise, there is nothing that prevents HealthCare.gov from buying into an existing PaaS. Having a mature, common platform on which to design apps and interconnect from should have been a no brainer.

      So here's my nice new utterly simplistic 30 second response for you: Got a huge project? Pick one: Platform or application.

      I get it now. It's not the Tea Party. It's the Neo-Confederate Party.

      by DavidHeart on Sun Oct 20, 2013 at 10:45:43 AM PDT

      [ Parent ]

Subscribe or Donate to support Daily Kos.

Click here for the mobile view of the site