Sam Yount's Posts

The Most Popular Databases in Digital Health

Sam Yount on October 27, 2015

This is the second in a series of blog posts exploring the state of the digital health landscape from a technical perspective. Our first post on popular languages has already proven to be one of our most read blog posts. If there are other analysis you would like to see on the state of digital health, please get in touch

One of the things we have noticed in working with a variety of digital health companies is that there is much more willingness to explore database technologies when architechting a new application. While developing in a new language typically takes a serious investment and will greatly slow initial progress, a different database variant may present lots of benefits with a minimal learning curve. As such, I expect we’ll see some interesting trends emerge as we repeat this survey over the coming months and years.

For this survey, we examined the database layer for applications deployed on Aptible. The pupulation of databases is limited by what Aptible (and AWS) support. That said, we are very quick to add support for any database requested by users.

As this is the first time we have collected this data, we can’t make any definitive claims about trends. However, DB-Engine is a great source for trends in database popularity. Their methodology, however is much squishier than our directly measured metrics.

DB-Engine October 2015 Ranking
1Oracle
2MySQL
3Microsoft SQL
4MongoDB
5PostgreSQL
6DB2
7Microsoft Access
8Cassandra
9SQLite
10Redis

The most interesting difference in these lists is with Redis. The Aptible data is based on web and mobile applications while the DB-Engine list is based on a much broader variety of factors. So Redis may make more sense for the types of applications currently “hot” in the health tech world. It’ll be interesting to see how the list changes and whether the Aptible list is a leading indicator of rapidly growing Redis popularity.

Read more

The Most Popular Languages in Digital Health

Sam Yount on October 6, 2015

This is the first in a series of blog posts exploring the state of the digital health landscape from a technical perspective.

Working exclusively with companies in digital health, we are regularly asked about technical trends. One common question is, “What types of languages and frameworks do you see the most?” As a deployment platform for nearly 100 (as of October 2015) digital health companies with over 550 deployed applications, we have some interesting data.

For this survey, we examined the primary language for apps deployed on Aptible. We have tried to only include primary production apps and exclude any helper or logging apps (e.g., the ELK logging stack is a popular utility to run on Aptible, but doesn’t tell us much about the main app.) Finally, of course, these data only represent apps deployed on Aptible, so ASP.NET-specific languages are not represented.

As this is the first time we have collected this data, we can’t make any definitive claims about trends. There are other sources of data for the general tech community, such as RedMonk’s survey on popular programming languages and BuiltWith’s Framework Usage Statistics.

RedMonk Language Ranks
1JavaScript
2Java
3PHP
4Python
5C#
6C++
7Ruby
8CSS
9C
10Objective-C
11Perl
12Shell
13R
14Scala
15Go
BuiltWith Top 10k - Frameworks
1PHP
2ASP.NET
3J2EE
4ASP.NET Ajax
5Ruby on Rails Token
6Shockwave Flash Embed
7Ruby on Rails
8ASP.NET MVC
9Adobe Dreamweaver
10Classic ASP
11Adobe ColdFusion
12Express
13DAV
14Django CSRF
15Telerik Controls

Ruby and JavaScript dominate the Aptible sample, which makes sense because Aptible is used primarily to deploy web apps and mobile APIs. PHP is also popular, as it is on the open web. Java and PHP are used less frequently on Aptible than on the open web. To speculate, this may be because many Aptible apps were built recently, whereas top 10k sites may be older, with more legacy code.

Read more

Docker for Ruby Developers

Sam Yount on August 13, 2015

Our CTO Frank recently spoke at NYC.rb, to give Ruby devs an introduction to Docker, simplifying service-oriented architecture, wrapping databases in a uniform API, and achieving the Holy Grail of dev/prod parity.

Slides:

If you find this interesting, join us!

Read more

Aptible Powers PRIDE Study iOS App

Sam Yount on July 8, 2015

We’re proud to announce our role in the world’s first population health study focused on gay and transgender men and women.

PRIDE Study

Spearheaded by researchers at the University of California - San Francisco, the LGBTQ-focused study is called PRIDE. Researchers’ ultimate goal is to build the largest LGBTQ health database in history so that medical professionals have the proper tools to address the physical, mental and social issues exclusive to gender and sexual minorities. For example, 33% of the LGBTQ community are smokers, a rate far higher than the national average. While scientists speculate this statistic means that more of these community members die from cancer and other smoking-related diseases, there is no official data to back these theories. Needing a way to gather loads of sensitive information quickly and efficiently, PRIDE leaders reached out to the tech world, and we of course responded with innovation.

PRIDE App

The first contribution to the UCSF study was ThreadResearch’s iOS app, aptly named PRIDE. Employing the newly-released Apple ResearchKit, the app collects public health data using iPhones. Prompted to answer questions about their health history and concerns, LGBTQ participants will inform the longer-term PRIDE study, which kicks off in January of 2016.

Our Role

To ensure this private information remains secure, we’re powering a streamlined HIPAA- and IRB-compliant platform behind the scenes of PRIDE. Our CEO, Chas Ballew, says, “The UCSF PRIDE study is a great example of the changing face of health tech. Smart phones and cloud-based data collection are just now becoming viable solutions in the tightly regulated health-data world. We’re excited to be pioneers in this fast-growing technology.” Confident that their private information is protected under our prudent watch, researchers and study participants alike can now move forward into realms of medical advances that have never before been explored. And hopefully the fresh strategies developed by physicians will make a dent if not eradicate issues that have long plagued this misunderstood field of medicine.

Read more about the PRIDE study at http://www.pridestudy.org/

Read more

Aptible + AWS + Telepharm Webinar

Sam Yount on June 24, 2015

This week we teamed up with AWS and TelePharm to talk about architecting for HIPAA compliance in the cloud:



Slides:


More questions from the audience:

Does data that is stored long-term in RAM (in Redis, for example) need to be encrypted, or does it only need to be encrypted when persisted to disk? Does HIPAA require that data within a VPC be encrypted? Is data considered encrypted at rest on EBS if the instance is still running?

HIPAA has no specific mandatory requirement that data be encrypted, but regulated entities must take “reasonable and appropriate” measures to safeguard PHI. Whether data is encrypted at the point of breach depends on how a potential breach occurs. It may be more helpful to take a risk-based approach, breaking potential threats into categories and asking: How likely is an attack to be attempted? How likely is it to succeed? What impact to PHI would result?

The Aptible compliance platform helps customers analyze risk using SP 800-30 Revision 1, a federal methodology developed by NIST in collaboration with the Department of Defense and the Office of the Director of National Intelligence.

How do Aptible databases work?

Databases are built from standardized images and run in private subnets, inaccessible from the outside Internet. We attach encrypted storage volumes and make nightly encrypted backups.

The Dockerfiles we use to build database images are open source and available on GitHub. If you don’t see the one you want, you can build a custom database using our specification.

Please see our Reference Architecture diagram, and contact us if you have questions.

What AWS regions is Aptible available in?

Currently any region except GovCloud and China (Beijing).

If a deployment needs to be available in Europe as well as in the US, who is responsible for where the data is stored and how PHI data flows across regions?

Aptible customers define environments for apps and databases. Those environments run in discrete geographic AWS regions that you specify. Communication across regions is routed over the Internet. You can easily and clearly control the countries and legal jurisdictions where your data is stored and moves through.

How does Aptible manage data encryption on/through ELB?

We only pass encrypted data through load balancers. SSL/TLS is terminated on the EC2 instance. (See the webinar, around 24:47.)

I work for a national MSP. I’m a certified AWS Cloud Solution Architect. I have a customer in the healthcare vertical that would benefit from moving certain workloads to AWS. Is Aptible willing to partner?

Yes, we frequently work with technical partners. Please contact us.

Will Aptible and AWS sign Business Associate Agreements?

Of course. A BAA is included with Platform and Production accounts. You can request a BAA with AWS here.

Read more

Aptible at CoreOS Fest

Sam Yount on May 6, 2015

Frank spoke at CoreOS Fest today, about how Aptible uses containers to address security and compliance objectives. [UPDATE: Check out the video below, and visit the CoreOS Fest website to see some of the other topics and speakers.]

Video:

Slides:

If you find this interesting, join us!

Read more