Scalable AWS Data Platform for a Global Leader in Medical Diagnostics

  1. Home
  2. AWS Case Studies
  3. Scalable AWS Data Platform for a Global Leader in Medical Diagnostics

Scalable AWS Data Platform for a Global Leader in Medical DiagnosticsA global leader in healthcare diagnostics needed to modernize its Quality Control (QC) platform for hematology testing, engaging our cloud transformation services to support its worldwide operations. They partnered with FPT/Cardinal Peak to architect and develop a robust, multi-region AWS cloud platform capable of ingesting and analyzing IoT device data in real time. The resulting solution enhanced operational efficiency, strengthened regulatory compliance, and provided a scalable foundation for future innovation.

The Challenge: Scaling a Global Medical Device Data Platform

A world leader in in vitro diagnostic solutions required a next-generation Quality Control (QC) platform to support the global expansion of its hematology testing products. Their existing system faced significant challenges in scaling to meet growing operational complexity and diverse international regulatory requirements.

They needed an engineering partner with expertise in cloud-native application development to build a unified solution that could:

  • Adapt to Regional Variations: Accommodate different laboratory workflows, compliance standards (e.g., HIPAA, GDPR), and business rules across North and Latin America.
  • Process Data in Real Time: Ingest and analyze thousands of data points per second from globally distributed IoT-enabled diagnostic analyzers.
  • Provide High Configurability: Allow individual labs to customize quality metrics, data visualizations, and alerting to meet their specific needs.
  • Ensure Robust, Compliant Infrastructure: Build a secure and highly available platform aligned with modern digital healthcare standards.

The Solution: A HIPAA-Compliant AWS Platform for Real-Time Analytics

Our team of cloud engineering experts designed and implemented a sophisticated, multi-region data platform on AWS. We selected AWS for its proven scalability, comprehensive services for IoT and data analytics, and global infrastructure necessary to meet the client’s requirements. The architecture was designed around four key principles including 1) Real-Time Streaming Analytics, 2) Tiered Data Lake Architecture, 3) Cloud-Native Application & API Layer, and 4) Multi-Region Deployment & Compliance.

Figure 1: A high-level overview of the AWS services used to create the scalable, multi-region data platform

high-level overview of the AWS services used to create the scalable multi-region data platform

1. Real-Time Streaming Analytics

To handle high-frequency data from the client’s hematology analyzers, we leveraged Amazon Kinesis for data ingestion and Apache Flink for stream processing. This allows for the near real-time detection of anomalies.

We specifically chose Amazon Kinesis over alternatives like Apache Kafka for its serverless architecture and seamless integration with the AWS ecosystem. As a fully managed service, Kinesis automatically handles scaling and provisioning, which aligned with the client’s goal of minimizing maintenance overhead. While Kafka offers cloud-agnostic flexibility, it requires significant self-management, making the AWS-native Kinesis the optimal choice for this integrated solution.

2. Tiered Data Lake Architecture

Raw and processed data are stored in a tiered data lake built on Amazon S3, which provides 99.999999999% durability. We used Amazon EMR for batch processing workloads, enabling historical analysis and performance benchmarking.

3. Cloud-Native Application & API Layer

The front-end web application is hosted on secure, scalable infrastructure. We utilized Amazon RDS for structured data management and API Gateway to provide secure, API-based access for the application and other systems.

Figure 2: Custom QC dashboard provides lab engineers with real-time analytics and at-a-glance status of diagnostic analyzers

Custom QC dashboard provides lab engineers with real-time analytics and at-a-glance status of diagnostic analyzers

4. Multi-Region Deployment & Compliance

The entire infrastructure was built using a reusable codebase to support deployment in multiple AWS regions, ensuring data residency and compliance with local regulations in North America, Latin America, and future markets.

Navigating Healthcare Cloud Complexity

Building a global, real-time medical data platform requires overcoming significant technical hurdles that demand specialized expertise. Our value to the client was not just in implementing AWS services, but in architecting a solution that masterfully balanced the competing demands of regulatory compliance, performance, and cost.

Architecting for Rigorous HIPAA Compliance

Handling Protected Health Information (PHI) requires a comprehensive security posture, incorporating principles of secure software development from the device to the cloud. Our architecture was built on a foundation of controls designed for auditable HIPAA compliance, beginning with the execution of a Business Associate Agreement (BAA) with AWS. Key elements of our strategy included:

  • Complete Network Isolation: Workloads were deployed into a dedicated Virtual Private Cloud (VPC), using private subnets and VPC endpoints to ensure that PHI never traverses the public internet.
  • Robust Encryption and Key Management: All data was encrypted at rest using AWS KMS with customer-managed keys (CMKs) for granular control, and in transit using TLS 1.2+.
  • Principle of Least Privilege: Access was governed by fine-grained IAM roles. Multi-factor authentication (MFA) was enforced for all administrative access to AWS accounts and management consoles.
  • Continuous Monitoring and Auditing: We configured AWS CloudTrail to log all API activity for full auditability and enabled GuardDuty for continuous threat detection. The environment was further monitored with CloudWatch, Security Hub, and AWS Config rules to ensure ongoing compliance.
  • Resilient Backup & Disaster Recovery: The platform included automated, encrypted backups with defined data retention policies to ensure data integrity and availability.

Ensuring Low-Latency Data Processing at Scale

The platform needed to process thousands of data points per second in near real-time. While Amazon Kinesis Data Streams supports sub-second latency ingestion at scale, using services like Kinesis Firehose or poorly tuned consumers can introduce multi-second buffering. To meet the strict real-time requirements for user-facing dashboards, our team leveraged Apache Flink to process the streams as soon as events were ingested. We further minimized latency by keeping all ingestion and processing local to the same AWS region, avoiding the additional delays and costs of cross-region transfers.

Designing a Cost-Optimized, Multi-Region Infrastructure

Global scale doesn’t have to mean prohibitive cost. We designed the infrastructure with cost optimization as a core principle. This involved carefully selecting service tiers, such as configuring the number of Kinesis shards to match the required throughput without over-provisioning. For the vast amounts of historical data stored in the data lake, we implemented data lifecycle policies to automatically move older, less-frequently accessed data to more economical deep archival storage tiers, significantly reducing long-term costs. This approach also boosts performance by enabling data to be processed within the same region it is generated, minimizing cross-region latency.

The Results: Driving Efficiency and Global Compliance for Medical Devices

AWS’s ecosystem gave us the flexibility to process large diagnostic data volumes in real time while meeting regulatory standards across regions. It was a clear enabler of our global QC vision.

The new AWS-based Quality Control platform, engineered by FPT/Cardinal Peak, delivered significant improvements in efficiency, compliance, and scalability.

  • Accelerated Corrective Action: By replacing manual QC logging with automated, real-time data ingestion and visualization, lab engineers can now identify and respond to issues faster.
  • Strengthened Global Compliance: The multi-region architecture ensures the platform meets diverse and evolving regulatory requirements, simplifying market expansion.
  • Lowered Maintenance Overhead: The cloud-native, serverless design and reusable codebase significantly reduce the effort required for system updates and maintenance.
  • Enabled Data-Driven Insights: The centralized data lake allows for powerful historical analysis, helping the client benchmark lab performance and identify long-term quality trends.
Discuss Your Project

Partner with Cardinal Peak for Your Cloud Engineering Needs

Whether you are modernizing a legacy medical device platform or building a new cloud-native solution, our expert engineers can help you navigate the complexities of security, scalability, and regulatory compliance.

Dive into Project Details

Expertise

Markets

Related Projects
Advancing Surgical Device Development Through Long-Term Engineering Partnership
Case Study
AWS

Advancing Surgical Device Development Through Long-Term Engineering Partnership

Minimizing Downtime & IT Burden with Cloud-Connected Lab Instruments
Case Study
AWS

Minimizing Downtime & IT Burden with Cloud-Connected Lab Instruments

Transforming Scientific Discovery with AWS Cloud-Based Digital Image Processing
Case Study
AWS

Transforming Scientific Discovery with AWS Cloud-Based Digital Image Processing