NCHICA 2018 AMC Conference
Building Health Information Company Security from Scratch
Shay Hassidim, CTO
June 11th 2018
Agenda
• Introducing Sema4
• Sema4 Technology Towers
• Security – The Defense layers
• Data Flow
• ITIL-ITSM
• Cloud Gravity
• Governance
• Decentralizing & Democratization
Biochemical Genetic Testing
Bioinformatics Research and Clinical Test Development
Sema4: Patient-Centered Predictive Health Company & Leader in Diagnostic Testing
Launched on June 1st 2017, Sema4, a venture of Mount Sinai, is a patient-centered predictive health company founded on the idea that more data, deeper analysis, and increased engagement with health care providers and patients will improve the diagnosis, treatment, prognosis, and prevention of disease.
Sema4 is led by Dr. Eric Schadt, renowned scientist with over 350 peer-reviewed publications in top tier journals.
Sema4 is a full-service genetic testing provider, and has ~400 employees with HQ in CT, next gen genomic labs and product R&D in NYC and CT, and a nationwide sales team.
Scaling genetic testing business nationwide and creating deep digital engagement with data-sharing patient-consumers.
The Company | The Present | The Future
Diagnostic and Sequencing Testing
Digital Products
Cytogenetic and Cytogenomic Testing
Sema4 Technology Towers
• App lifecycle Automation, Orchestration, ITSM, DevOps, ITOps, IT Governance
• IoT – lab instruments, wearable devices, Real time analytics
• AI – Machine Learning and Deep Learning, Big Data, NoSQL
• Cloud – private / public / hybrid, HPC next generation
• Enterprise grade security, NFV, HA, DR, BlockChain
• In Memory compute, GPU, TPU, FPGA, BrainWave, DNN PU, Spark
• Core IT – Network, 365, End-Point Security, Backup, Storage, Collaboration …
Recent biggest healthcare breaches
http://www.healthcareitnews.com/slideshow/biggest-healthcare-breaches-2017-so-far
Types of HIPAA Breaches
https://www.calyptix.com/hipaa/discover-the-top-3-causes-of-hipaa-violations-and-their-simple-solutions/
IT to handle proactively by automating processes and policy enforcement
End point security – virtual desktop
End point security
Everyone to be vigilant: if we do not collectively act as stewards of our data, we're not protecting our investment!
Sema4 Cloud
Bio-Informatics/Analytics Flow
BAM / VCF / TSV / logs
FASTQ / BAM / VCF / TSV
SLA Based Monitoring
Automated SLA-based monitoring and alerting
Unlimited compute & storage capacity, HA, DC OOTB
Fast archiving, automated, fast retrieval
Sema4 Labs
AWS EMR
AWS Batch
AWS EFS
S3
AWS Glacier
AWS Aurora
Text mining
Bio-informatics workflows
Data and compute intensive. Running 24x7
ITIL
The Information Technology Infrastructure Library (ITIL) is a set of detailed practices for IT service management (ITSM) that focuses on aligning IT services with the needs of the business.
• Developed by the UK Government in the 1980s.
• Adopted by government agencies and the private sector worldwide.
• Improve the alignment of IT to the business
• Improve the quality of the IT services
• Lower the cost of delivering IT
Sema4 Service Portal Cloud Storage Governance and resource creation automation example
Sema4 IT
1 - Log into Sema4 SN Portal and Request Something
2 - Select S3
3.a - Select an existing bucket to access
3.b - Or request a new bucket to create & access. Use the Group/Project/Application to generate a unique bucket name. Set encryption mode based on PHI type.
4 - Approval
5 - Orchestration via template + blueprint. Generate the policy and call AWS API
Automation – end to end
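An added example, not from the original slides, of what steps 3.b and 5 could look like: deriving the bucket name, choosing the encryption mode from the PHI type, and generating the policy an orchestrator would hand to the S3 API. The PHI categories, the `org` prefix and all function names are assumptions; no AWS call is made.

```python
import hashlib
import json
import re

# Assumed PHI classification -> S3 default-encryption mode (hypothetical mapping).
ENCRYPTION_BY_PHI = {"none": "AES256", "limited": "aws:kms", "full": "aws:kms"}

def bucket_name(group, project, application, prefix="org"):
    """Unique, DNS-safe name (<= 63 chars) from group/project/application."""
    parts = [prefix, group, project, application]
    slugs = [re.sub(r"[^a-z0-9]+", "-", p.lower()).strip("-") for p in parts]
    if not all(slugs):
        raise ValueError("every name component needs at least one alphanumeric")
    # Hash of the raw input keeps names distinct when slugs collide (Lab_A vs lab-a).
    digest = hashlib.sha256("/".join(parts).encode()).hexdigest()[:8]
    return "-".join(slugs)[:54].rstrip("-") + "-" + digest

def encryption_config(phi_type, kms_key_id=None):
    """Body for PutBucketEncryption; unknown PHI types fail closed."""
    if phi_type not in ENCRYPTION_BY_PHI:
        raise ValueError(f"unclassified PHI type: {phi_type!r}")
    default = {"SSEAlgorithm": ENCRYPTION_BY_PHI[phi_type]}
    if default["SSEAlgorithm"] == "aws:kms":
        if not kms_key_id:
            raise ValueError("PHI buckets need an explicit KMS key")
        default["KMSMasterKeyID"] = kms_key_id
    return {"Rules": [{"ApplyServerSideEncryptionByDefault": default}]}

def bucket_policy(name, phi_type):
    """Deny non-TLS access and uploads not using the required SSE mode."""
    arn = f"arn:aws:s3:::{name}"
    return {"Version": "2012-10-17", "Statement": [
        {"Sid": "DenyInsecureTransport", "Effect": "Deny", "Principal": "*",
         "Action": "s3:*", "Resource": [arn, arn + "/*"],
         "Condition": {"Bool": {"aws:SecureTransport": "false"}}},
        {"Sid": "DenyWrongEncryption", "Effect": "Deny", "Principal": "*",
         "Action": "s3:PutObject", "Resource": arn + "/*",
         "Condition": {"StringNotEquals": {
             "s3:x-amz-server-side-encryption": ENCRYPTION_BY_PHI[phi_type]}}},
    ]}

def render_request(group, project, application, phi_type, kms_key_id=None):
    """Everything the orchestrator would pass to the S3 API after approval."""
    name = bucket_name(group, project, application)
    return {"Bucket": name,
            "ServerSideEncryptionConfiguration": encryption_config(phi_type, kms_key_id),
            "Policy": json.dumps(bucket_policy(name, phi_type))}
```

Because the name, encryption setting and policy all come from the request fields, the approved ticket is the only input a requester controls.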
Cloud Governance
• Automated enforcement
• Structured
• Multi-tenant
• Config as Code
• Event Based
• Versioned
• Context aware
• Inefficient
• Slow
• Manual
• Unmanaged pile of scripts
• Hard-Coded
• User based
• Non-portable
XaaS
Organization
IT
Application infra Developers DBaaS
MOMaaS
AnythingAaS
Blueprints / Templates
Fully running app
VPC, VPN, Compute, Storage resources
EaaS
Blueprint & Deployment
Blueprint
Deployment 1: Dev
Deployment 2: UAT
Deployment 3: Prod
Create deployment
Execute workflows (e.g. "install")
Execution 1
Upload blueprint
• Install
• Uninstall
• Scale
• Heal
• Upgrade
• Custom workflow
• …
Workflows environments
Biz Dev / Collaboration environments
Product environments
User / Roles policies
Network config policies
File storage policies
Database config policies
Compute resource policies
Policies repo
Blueprint catalog
Workflows blueprints
Web Portal blueprints
Big Data blueprints
Data science blueprints
Fully automated policy enforcement.
Data and deployment governance
The Next Horizontal Innovation in Data Management
• Like the introduction of cloud computing, distributed databases, IoT and, more recently, edge computing, blockchain is the latest horizontal innovation disrupting data and computing management at the Fortune 50.
• It is a transformative technology, revolutionizing privacy, data management and governance in almost every sector, including healthcare and genomics IT.
• Major cloud vendors such as AWS, Oracle, IBM and Microsoft offer a Blockchain Cloud service. This demonstrates the popularity of such data management functionality.
Summary
• Most public cloud vendors offer everything IT may need to run complex workloads on the cloud using cloud native services
• Data governance, deployment, security controls: all MUST use automation to enforce corporate policies.
• New horizontal innovations should be considered to form data sharing platforms on a global scale