AWS Startups Blog

Galen Data on Building on the Shoulders of Giants

Guest post by Abbas Dhilawala, CTO & Co-founder, Galen Data

Our mission at Galen Data is to connect all of the world’s medical devices. It’s a bold one, but we believe connectivity is key to innovation in healthcare. From remote monitoring, telehealth, and early diagnosis, to personalized medicine — these all require data obtained by connecting medical devices and other repositories to a centralized system.

We have been able to help medical device companies achieve their connectivity goals by “building atop the shoulders of giants” — in other words — leveraging the pre-existing AWS cloud to build a compliant, scalable, and cost-effective cloud solution for medical device companies.

Cloud Connectivity Challenges

Getting a medical device connected to the cloud comes with a unique set of obstacles, including engineering and biological challenges, and concerns around patient safety, data security, and privacy. There are a host of global, national, and local regulations as well as industry standards one must comply with to bring a medical device to the market, which makes getting connected very daunting for a company going it alone or without expertise in these areas. Adding data management to this mix only increases the business risk and burden the medical device manufacturer must bear. That’s where Galen Data comes in.

Last year, we had a client approach us with a common challenge faced by early medical device companies: they needed to get their device connected to the cloud in an affordable, scalable, and compliant way — fast! They first attempted to build a home-grown solution, but quickly found that to be more expensive and complex than anticipated. Their system didn’t meet the unique privacy and security requirements for a medical device, and was missing key functionality such as reporting and access controls.

The Solution

While medical device companies are often made up of experts in therapeutics, diagnostics, engineering, manufacturing, regulatory, and/or quality, they tend to lack the expertise in the intricacies of cloud development and management required for a connected medical device.

Our cost-effective, secure, and scalable cloud solution enabled our client’s device to collect, store, share, and analyze clinical and device data. In accelerating the process, this client estimated at least 50% cost-savings over building its solution from scratch.

So, how did we do it? With decades of combined medical device and cloud development experience, we leveraged the global footprint and suite of services that AWS provides to create a configurable, scalable cloud platform to connect our client’s device and manage its data.

Medical device companies building their digital health offering on top of the Galen Cloud™ reduce time-to-market and often cut as much as 73% of the engineering cost. Our platform is built to comply with many regulatory requirements including: US FDA, EU CE Mark, Health Canada, etc. The Galen Cloud™ provides a host of built-in services such as identity and access management, patient management, device management, data analysis and visualization, and more. Companies can easily configure these services to their needs with a few clicks and get their device connected in as little as 2 weeks!

Leveraging AWS

Medical devices constantly send and receive large amounts of data, and our systems are used by providers and patients to make critical healthcare decisions. In some cases, alerts and notifications the Galen Cloud™ sends could mean the difference between life and death in an emergency situation. Having a system that is highly available and can easily scale up and down is a must for us. AWS provides industry-leading availability and durability SLAs.

Figure: High-level architecture diagram

We leverage AWS Fargate to deploy our APIs (the backbone of our services) in containers across regions and availability zones (AZs). This ensures that our system is available and reliable at all times. It also allows us to add new containers within seconds when demand goes up and to scale down when demand is lower, controlling costs for our client. It makes deployment easier: we scripted our deployment process from our CI servers, which allows us to maintain full traceability of deployments. We have a multi-AZ setup for our database servers as well.

Security and Compliance

Connected device security has been a large focus of the FDA in recent years, and it will continue to be so as more and more devices are brought online and connected. The Galen Cloud™ leverages the certifications that AWS already has around privacy and security (HIPAA compliant services, GDPR compliance, ISO 27001, HITRUST, SOC etc.) and builds on top of it.

Here’s how we maintain a secure, compliant service to our clients:

● Ensure direct system access is limited to a whitelisted set of IP addresses.
● Set up all AWS Identity Access Management (AWS IAM) users with multi-factor authentication.
● Use an auditing system to record all access and modifications over direct SSH access.
● Set up our storage (Amazon EBS, Amazon S3) to use encryption with keys managed by Amazon Key Management Service (Amazon KMS) and rotate keys on a regular basis.
● Ensure all traffic to and from the internet (and within the VPC) is encrypted.
● Use Amazon Inspector and Amazon Audit Manager to ensure the EC2 instances are configured properly and compliant with CIS Benchmarks.
● Add security controls in the application itself such as multi-factor authentication, audit logs, and role-based access control to the underlying data.
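
Three of the controls listed above (SSH access limited to an IP allowlist, MFA on IAM users, KMS key rotation) can be checked mechanically. The following is an added example, not Galen Data's code: it audits constructed sample data shaped like EC2 DescribeSecurityGroups output, the IAM credential report CSV, and per-key KMS rotation status. The allowlist, group ids, user names, and key ids are all assumptions made up for the illustration.

```python
import csv, io, ipaddress

# Constructed sample data shaped like AWS API output; not from a real account.
ALLOWED_CIDRS = ["203.0.113.0/24"]  # assumed allowlist (documentation range)
SECURITY_GROUPS = [  # shape of EC2 DescribeSecurityGroups
    {"GroupId": "sg-bastion", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "203.0.113.16/28"}]}]},
    {"GroupId": "sg-legacy", "IpPermissions": [
        {"IpProtocol": "-1", "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
]
CREDENTIAL_REPORT = (  # columns taken from the IAM credential report CSV
    "user,password_enabled,mfa_active\n"
    "alice,true,true\nbob,true,false\nci-deploy,false,false\n")
KMS_ROTATION = {"key-ebs": True, "key-s3": False}  # KeyRotationEnabled per key

def covers_ssh(perm):
    """True if an ingress rule admits TCP port 22."""
    if perm["IpProtocol"] == "-1":  # all protocols and ports
        return True
    return perm["IpProtocol"] == "tcp" and perm["FromPort"] <= 22 <= perm["ToPort"]

def open_ssh_groups(groups, allowed):
    """Group ids whose SSH ingress includes an IPv4 CIDR outside the allowlist."""
    nets = [ipaddress.ip_network(c) for c in allowed]
    bad = []
    for g in groups:
        for perm in filter(covers_ssh, g["IpPermissions"]):
            cidrs = [ipaddress.ip_network(r["CidrIp"]) for r in perm.get("IpRanges", [])]
            if any(not any(c.subnet_of(n) for n in nets) for c in cidrs):
                bad.append(g["GroupId"])
                break
    return bad

def console_users_without_mfa(report_csv):
    """Users who can sign in with a password but have no MFA device."""
    rows = csv.DictReader(io.StringIO(report_csv))
    return [r["user"] for r in rows
            if r["password_enabled"] == "true" and r["mfa_active"] != "true"]

def keys_without_rotation(status):
    """Key ids whose automatic rotation is disabled."""
    return sorted(k for k, enabled in status.items() if not enabled)

def audit():
    return {"open_ssh": open_ssh_groups(SECURITY_GROUPS, ALLOWED_CIDRS),
            "no_mfa": console_users_without_mfa(CREDENTIAL_REPORT),
            "no_rotation": keys_without_rotation(KMS_ROTATION)}

if __name__ == "__main__":
    print(audit())
```

The sketch checks only IPv4 ranges (`IpRanges`); a real audit would apply the same test to `Ipv6Ranges` and treat access-key-only users such as `ci-deploy` under a separate policy check.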

Security is an ongoing concern, and we leverage tools directly from AWS (such as AWS CloudTrail, Amazon GuardDuty, Amazon Macie) and AWS Marketplace to help us understand the traffic patterns and provide intelligent insight into areas of vulnerability. We also use AWS Web Application Firewall in front of our API servers to prevent malicious traffic.

Final Thoughts

Using the countless features available from AWS, we are able to do all of this without breaking the bank. A significant part of our value proposition is that we are a cost-effective solution for everyone, from startup medical device companies to companies with multi-billion-dollar revenues. AWS’s usage-based pricing, Reserved Instances, and high-volume discounts allow us to price our systems in a way that scales with our customers’ growing needs.

We have only scratched the surface of our vision. As we continue building our platform with innovative features such as deeper analytics around device usage and device health, we plan to leverage more of the services AWS has to offer. In particular, we are excited to delve into the suite of machine learning and analytics services such as Amazon Kinesis, Amazon Lex, Amazon SageMaker, and many more.

Having chosen AWS, we are confident we can grow at scale without compromising quality, security, or availability, and ultimately make a positive impact on the lives of patients on a global scale. Drop us a line if you are interested in learning more about medical device cloud connectivity and how Galen Data makes that globally accessible.

About Galen Data

Galen Data, Inc. provides a turnkey cloud solution for medical device makers that is configurable, secure, and compliant. The company was founded to make device-to-cloud connectivity possible in a matter of weeks instead of months, and at a fraction of the cost. The Galen Cloud™ collects and securely stores data, and includes tools to visualize and analyze that data. Dashboards and alerts for the manufacturer, medical team, and patients are also provided within the platform. The software platform is compliant with FDA, HIPAA, and CE Mark standards, and is ISO 13485:2016 certified. Dozens of companies have partnered with Galen Data to solve their medical device connectivity needs.