Update 05/09/2019: AWS is now certified HDS as well
Well at first we started with AWS, but we soon realized that because we’re dealing with health data, the law in France ask us to store sensitive data on certified cloud platforms. So we asked Amazon about the certification as soon as they delivered a datacenter located in France. They answered that we have to make a deal with one of their partner. That was fine for us, until we asked a quote. We discovered that they impose fixed charges that we can not afford to commit for the moment. I won’t go into further details but know that it costs several thousands Euros per year.
We also quickly looked at OVH solutions. The problem is that you get a private cloud where you have to manage your servers. This is far from our goal to go full serverless. And again there was a cost.
Then we asked Azure about our needs, knowing that they obtained the certification. Again they asked us to get in touch with one of their partners. We thought at first that it would be the same as AWS and that the cost would prevent us to deliver our business. But we were wrong.
Believe it or not but there is no additional cost to storing health data on Azure. We asked for confirmation several times to be sure.
Basically, the architecture is like the following:
- Our web application is now running on Azure, as well as the database containing sensitive informations.
- Our corporate web sites, identity management solution, and subscription database are still running on AWS where we deployed them at first.
I’ll go into more details in a future post to describe the architecture in details. Stay tuned.