Virta uses Aptible to Achieve HIPAA Compliance and Pursue their Growth Goals

Virta is a technology enabled medical clinic using continuous remote monitoring and intensive coaching to help their patients reverse Type 2 Diabetes. Virta chose Aptible to easily fulfill compliance requirements and maintain security so its team can stay focused on delivering a personalized clinic experience for its patients.

Virta’s Engineering team was tasked with ensuring that patients get support when they need it and that Virta is reliably and privately tracking data about its patients’ health. With patient data tracking and analytics being part of its core competencies, compliance is critical. The engineering team had to find a way to be compliant, empower the clinic, and provide patients with the best experience and outcomes.

As a company that supports patients through a combination of sophisticated machine learning, highly trained expert coaches, medical doctors, continuous remote monitoring, and a mobile application; Virta’s team knew they would need something to help them build and deploy their applications quickly, scale their operations efficiently, and keep everything secure. That's why they chose Aptible Deploy.

Build and Scale

When Virta hired its first engineer in the spring of 2015, the company already had a clinical trial scheduled with a fixed start date. The engineering team had to build the mobile app and spin up HIPAA compliant server infrastructure, all before an August deadline. The team had experience in building web and mobile applications, but not in DevOps infrastructure. “I knew enough ops to be dangerous but it’s not my specialty. When I asked around about how to build a HIPAA compliant stack, Aptible was recommended. I had no familiarity with Docker. I looked into it and said this is gonna work, lets do it.” says founding engineer, Erica Frandsen.

“I looked into it and said this is gonna work, lets do it.”

Virta’ ambitious goal of aiming to reverse diabetes in 100 million people by 2025 meant that they would need to focus on building personalized support--at scale. Reliance on specialized coaches and medical doctors is difficult to scale out. “Our biggest challenge is how to we get from thousands of patients to millions. We cannot scale our human interactions to 1 million patients or even 100,000 patients because of the amount of health coaches we would need.” said Justin Ryan, DevOps Engineer at Virta.

“Being able to launch and scale (just by toggling options in the admin panel) is really exciting.”

That’s why Virta is developing machine learning techniques to give patients the answers that they need inside the Virta app, without relying on as many human touchpoints. They want to automate personalized patient interactions through their mobile app, using machine learning processes on the patients’ collected data to better predict their needs based on their individual health metrics. By shifting from human touchpoints to automated, personalized prompts, Virta will be able to scale to serve millions of patients. “Being able to launch and scale (just by toggling options in the admin panel) is really exciting.” says Justin. Deploy’s deep integration with AWS and ability to talk to multiple specialized web services while maintaining best-in-class data privacy and security controls enable Virta to build out more automation, improve their analytics, and continue to collect the data data they need to improve patient experience and care without their engineering team having to worry about scalability and security.

Flexible and Secure

Virta’s team realized early on that they needed a platform that didn’t ask them to sacrifice flexibility and power for security. Their machine learning use cases, like analyzing patient data at scale, work best on AWS Redshift. However, they also need for web frontends to talk to their apps in way that is a secure and HIPAA compliant. For those use cases, developer agility is important - so Virta uses Deploy. As Justin Ryan said, “Amazon has hundreds of different specialized web services. As we continue to grow, if we want to use Elastic MapReduce or other AWS services that are HIPAA compliant, we want it to talk to Deploy.”

“Using Deploy is a huge peace of mind for us. It’s not just that it frees me up from working on security and compliance. It frees me up from worrying about them.”

Virta uses Deploy’s number of secure integration points, such as VPN Tunnels and VPC Peering connections to ensure that patient data is stored privately and that their machine learning use cases have secure and compliant access to the data. Since Virta is hosting their machine learning use cases on AWS, and VPC is easy to set up with Aptible Deploy, VPC Peering was the best choice to facilitate the secure, HIPAA compliant, transfer of data between Deploy and their other AWS instance. “With VPC we just post a little number on in our forms on each end and boom - our networks are connected.” says Justin.

The Future: Securely Scaling to 100M+ Patients

The Virta team is driven by the improvements they see in their patients. Today Virta has hundreds of containers and is serving thousands of active patients on Aptible Deploy.  “Using Deploy is a huge peace of mind for us. It’s not just that it frees me up from working on security and compliance. It frees me up from worrying about them.” says Justin.

Going from serving thousands of active patients to serving millions will require shifting from frequent human touchpoints to more automated support. Scaling out the clinic’s personalized functions will be challenging. Fortunately, Virta can focus its engineering resources on this task without worrying about scaling issues around its server infrastructure or security program. Virta’s setup with Deploy frees up engineering resources, and is designed to scale. “I’m fairly confident that as we struggle to scale people in the organization, we have a long way that we could go with Aptible just by moving sliders. We can just increase the number of containers with minimal work. There’s a lot of security in that.” says Justin. Leveraging Aptible Deploy for its power, flexibility, scalability, and security, Virta is well on its way to achieving its goals.