AWS Public Sector Blog

The benefits of running controlled substance databases with AWS

AWS branded background design with text overlay that says "The benefits of running controlled substance databases with AWS"

Healthcare authorities and providers use state-run controlled substance databases (CSDs) to track prescriptions and identify patients for substance abuse. CSDs help evaluate treatment options, screen patients who may be at risk for drug abuse problems, and make informed decisions about prescribing medication.

While modernizing CSDs is crucial for healthcare systems, Amazon Web Services (AWS) is making significant efforts to support the healthcare industry through innovative cloud technologies to improve patient care, manage healthcare data securely, and reduce costs.

This post will explain how healthcare authorities can leverage this wealth of data to enhance their decision-making processes within business operations by using AWS.

Benefits overview

CSDs in the cloud are a strategic move for state and local government healthcare systems looking to enhance patient care, improve efficiency, and stay adaptable in an ever-evolving healthcare landscape while ensuring the security and privacy of patient information. These are some of the benefits of moving CSDs from on-premises infrastructure to AWS to support modernization efforts:

  1. Scalability – Healthcare systems need to handle various workloads to serve different business needs. AWS Cloud solutions allow for easy scalability, ensuring that CSDs can accommodate growing data and usage demands without major infrastructure overhauls.
  2. Interoperability – Cloud-based solutions can be designed to seamlessly integrate with other healthcare systems and applications, improving data exchange between different entities in the healthcare ecosystem. This interoperability is vital for providing comprehensive patient care.
  3. Accessibility – Cloud-based CSDs can be accessed from anywhere with an internet connection, promoting remote healthcare.
  4. Cost-efficiency – Cloud solutions often follow a pay-as-you-go model, reducing upfront capital expenses and allowing healthcare organizations to allocate resources more efficiently.
  5. Data analytics – Cloud-based CSDs can use advanced data analytics tools to derive insights from patient data, leading to better decision-making and patient care improvements.
  6. Disaster recovery – The AWS Cloud offers robust disaster recovery options, ensuring that patient data is protected and can be quickly restored in case of unforeseen events.

Data security and governance

AWS provides a range of services and features to support healthcare organizations in handling Health Insurance Portability and Accountability Act (HIPAA) and protected health information (PHI) healthcare data while maintaining compliance and security. It’s important to note that while AWS provides a secure and compliant infrastructure, healthcare organizations are responsible for implementing proper security measures, access controls, and policies to ensure the protection of HIPAA and PHI data. Organizations should also conduct their own risk assessments and audits to ensure full compliance with regulations.

  1. HIPAA compliance – AWS offers a HIPAA-compliant environment, including a Business Associate Addendum (BAA) for covered entities. AWS aligns its services and infrastructure with HIPAA requirements to ensure data protection. AWS partners with third-party vendors that offer HIPAA-compliant solutions for healthcare organizations, such as electronic health record (EHR) systems, data analytics, and more.
  2. Encryption – AWS provides encryption at rest and in transit to safeguard your data. Data can be encrypted using AWS Key Management Service (AWS KMS) for additional control over encryption keys.
  3. Access controlAWS Identity and Access Management (IAM) allows organizations to manage and control access to resources, ensuring that only authorized personnel can access data.
  4. Audit logging and monitoringAWS CloudTrail and Amazon CloudWatch enable healthcare organizations to monitor and log all activities, which helps in auditing and maintaining compliance with HIPAA regulations.
  5. Secure networkingAmazon Virtual Private Cloud (Amazon VPC) allows organizations to securely create isolated networks and deploy resources. AWS Direct Connect and AWS VPN connections ensure secure data transfer.
  6. Data backups and recovery – AWS provides robust backup and recovery solutions, ensuring the availability and integrity of healthcare data in case of data loss or disaster.

Data visualization workflow for CSDs on AWS

Data visualization for CSDs can help businesses identify the current trends of medications and behaviors to prioritize resources and respond appropriately. Amazon QuickSight is a unified business intelligence (BI) tool to help organizations build visualizations, perform data analytics, and quickly get business insights from their data. With CSDs running in Amazon Aurora PostgreSQL-Compatible Edition, agencies can pull data directly out of the cloud-based database and then connect to QuickSight dashboards to understand issues such as prescription trends in specific areas and patient behaviors. Data visualization is not only a single source of truth but also a fundamental strategy for organizations to ensure data reliability, enhance decision-making, and ultimately achieve their business goals.

The following architecture diagram shows an example solution that can support businesses in making decisions based on the dashboards. The public can also gain insights into the sharable data using the web portal. The solution uses AWS Database Migration Service (AWS DMS), Aurora, Amazon Athena, and QuickSight.

Figure 1. The high-level architecture of an example solution that uses AWS to run CSDs.

AWS services

  1. AWS Schema Conversion Tool (AWS SCT) assists organizations in seamlessly transitioning their database workloads to the AWS Cloud while automatically converting the schema and database code to be compatible with AWS services.
  2. AWS DMS and the AWS SCT are often used together to facilitate heterogeneous database migrations to the AWS Cloud. AWS DMS starts the replication task to begin data migration, and then continuously captures changes from the source database on-premises and replicates them to the target database in the AWS Cloud. Depending on your requirements, you can choose to keep the source database operational during the migration or plan for a specific cutover time when you switch to the target database.
  3. Aurora PostgreSQL-Compatible gives you the performance and availability of commercial-grade databases at one-tenth the cost. Running a database on Aurora PostgreSQL-Compatible is a popular choice for organizations seeking a high-performance, scalable, and reliable database solution. Running a database on Aurora PostgreSQL-Compatible provides a combination of high performance, compatibility, scalability, fault tolerance, and security while reducing operational overhead. These advantages make it a compelling choice for a wide range of applications, from small-scale projects to large, mission-critical systems.
  4. Athena works well with Aurora PostgreSQL-Compatible to provide a powerful data analytics and reporting solution. They enable you to separate operational and analytical workloads, scale to handle large datasets, and access data for analytics without compromising the performance of your transactional database. This setup supports cost-effective, SQL-based analytics and reporting on data stored in Amazon Simple Storage Service (Amazon S3).
  5. QuickSight is a BI and data visualization tool provided by AWS. When used in conjunction with Athena, which is a serverless query service for analyzing data in Amazon S3, it offers several benefits for organizations looking to gain insights from their data. Combining QuickSight with Athena empowers organizations to perform serverless analytics, create interactive dashboards and reports, and access, visualize, and share data insights effectively. This combination provides a powerful and user-friendly solution for data analysis and visualization.
  6. QuickSight dashboard embedding into applications or web portals extends the power of data analytics to a broader audience by providing seamless, real-time access to critical insights. Users, both internal and external, can make data-driven decisions without the need to navigate to a separate BI tool. This fosters faster and more informed decision-making. Additionally, embedding QuickSight dashboards enhances the user experience, ensuring that data is presented within the context of the application and creating a more cohesive and user-friendly environment. With embedded dashboards, organizations can also maintain control over data access, security, and authentication, as QuickSight provides fine-grained access controls and integrates with various authentication mechanisms. Overall, dashboard embedding with QuickSight empowers organizations to offer a superior data-driven experience to their users, streamline workflows, and drive more effective actions and public awareness.


To better support and inform public health intervention and clinical decision-making, state agencies can use AWS to help make controlled substance data simpler to use and more accessible for health authorities. And providers at the state level can bring awareness to the public by building sophisticated applications.

To learn more, refer to AWS Cloud Security – HIPAA, Amazon Aurora features, and Introducing field-based coloring experience for Amazon QuickSight.

Nan Gabriel

Nan Gabriel

Nan is an enterprise solution architect with 20 years of experience. Specializing in healthcare and life sciences, her passion lies in harnessing the power of Amazon Web Services (AWS) to modernize database management and data analytics. She helps customers use AWS to design and execute effective migration strategies to drive organizational success.