HealthStack provides battle-tested Terraform modules for building secure and compliant healthcare infrastructure on AWS. These modules help healthcare organizations deploy HIPAA-compliant environments with confidence, focusing on security, scalability, and compliance from day one.
- Security-First Design: Pre-configured security settings aligned with healthcare compliance requirements
- Modular Architecture: Mix and match components for flexible infrastructure deployment
- Comprehensive Documentation: Detailed guidance and examples for each module
- Continuous Updates: Regular security patches and compliance enhancements
- Rapid Deployment: Deploy compliant infrastructure in minutes, not weeks
Module | Description | Status |
---|---|---|
AWS WAF | Web Application Firewall with healthcare-specific rule sets | Available |
AWS HealthLake | Managed FHIR service with secure storage and access controls | Available |
AWS S3 | Secure storage with encryption, versioning and lifecycle policies | Available |
AWS KMS | Key Management Service for data encryption and key rotation | Available |
AWS VPN | Secure VPN connection with multi-factor authentication | Available |
AWS CloudTrail & CloudWatch | Comprehensive audit logging, monitoring and alerting | Available |
AWS VPC | Multi-AZ VPC with public/private subnets, flow logs, and VPC endpoints | Available |
AWS Bedrock | AI agents and machine learning with guardrails | Coming Soon |
AWS RDS | Managed databases with encryption and backup | Coming Soon |
AWS GuardDuty | Threat detection service | Coming Soon |
AWS Backup | Automated backup and disaster recovery | Coming Soon |
Each module includes step-by-step documentation in its respective folder. Here's a simple example of setting up a FHIR repository:
```hcl
module "healthlake" {
  # No ?ref= is given, so Terraform fetches the repository's default branch.
  source = "github.com/momentum-ai/healthstack.git//aws-healthlake/module"

  datastore_name    = "fhir-datastore"
  kms_admin_iam_arn = var.my_admin_user
  preload_data      = false
  create_kms_key    = true
  data_bucket_name  = "fhir-data-bucket"
  logs_bucket_name  = "fhir-logs-bucket"
}
```
- HIPAA Alignment: Modules designed with HIPAA Technical Safeguards in mind
- Encryption Everywhere: All data encrypted at rest and in transit by default
- Least Privilege Access: Fine-grained IAM policies limiting access to protected health information
- Audit Trails: Comprehensive logging for all infrastructure activities
- Regular Security Scans: Modules continuously tested against security benchmarks
We actively maintain and enhance these modules based on emerging security standards and AWS best practices. Current focus areas:
- Adding SOC2 compliance validation tools
- Adding more modules
- Expanding support for healthcare-specific workloads
- Implementing automated security scanning pipelines
We welcome contributions from the healthcare and security communities! Here's how you can help:
- Fork the repository
- Create your feature branch (`git checkout -b feature/amazing-enhancement`)
- Commit your changes (`git commit -m 'Add some amazing enhancement'`)
- Push to the branch (`git push origin feature/amazing-enhancement`)
- Open a Pull Request
Please review our contribution guidelines before submitting changes.
- Documentation: Review the detailed README in each module directory
- Issues: Open an issue for bug reports or feature requests
- Direct Support: Contact us at hello@themomentum.ai for personalized assistance
- Office Hours: Join our monthly virtual office hours (schedule on our website)
HealthStack is available under the MIT License.
Built with ❤️ by Momentum • Helping healthcare innovate with confidence