The client is a Europe-based healthcare company offering Electronic patient reported outcome (ePRO) SaaS system for recording and evaluation of patient and clinical reported outcome data in oncology domain. They developed an ePRO system and were looking for a most-suited cloud service partner to migrate their health records to the cloud environment. Infosys helped the client in selecting the best-suited cloud service provider in terms of data privacy compliance as a pivotal factor.
Infosys built a completely new stack of applications and platforms on Azure with strong security solutions.
Key Challenges
- To identify the best suited cloud service provider based on their data privacy compliance capabilities
- To identify and analyze statutory laws/ regulations to abided with
- Analyze the capabilities of cloud service providers – AWS, MS Azure, GCP, with regards to the identified obligations
The Solution
Privacy regulations defined as per industry standards
- Identified 29 privacy and healthcare laws, considering client's industry and geographies of operations
- Defined privacy obligations in the form of a common control framework
- Analyzed privacy capabilities and compliance reports of the cloud service providers against the framework
- Prepared and shared a detailed qualitative and quantitative report along with the ratings
Benefits
Informed decision making and timely reporting
Ensured integrity of the analysis result by leveraging compliance reports and official websites of the cloud service providers
Better and logical decision in choosing the right cloud service partner by using the quantitative scales and ratings
The report also enabled the client to identify insufficient or missing controls with the chosen cloud partner
