Eventum Orthopaedics is a MedTech start-up based in Yorkshire. Their current endeavour is to improve the satisfaction rates of patients who have undergone knee surgery, via medical technology innovation.
Client needs
“2 million people globally have knee replacement surgery each year and currently, up to 20% of all patients are dissatisfied with their outcome.”
Eventum Orthopaedics
Eventum Orthopaedics’ aim is the gathering of real-time intraoperative data with an aim to improve the above. Key to this is the process by which these data can be collected—taking into consideration the realities of the physical device input and the securing thereof—and the design and provisioning of a platform that can accommodate such needs.
They came to Hippo for guidance on designing a workflow to securely receive data and for assistance integrating with a third-party company implementing the medical device.
Hippo’s approach
Technologies utilised
The entire platform was implemented using Amazon Web Services (AWS):
- Amazon API Gateway — used to provide endpoints for both:
- receiving data from the medical devices
- allowing direct access to data for users (via a web UI to be implemented in a future iteration)
- Mutual TLS — an aspect of the above API Gateway, allowing secure authentication between the Gateway and the medical devices without the need for user input
- AWS Lambda — all backend services have been implemented using AWS Lambda, allowing for the services to easily scale should demand increase while keeping costs at a minimum during development.
- Amazon Aurora Serverless v1 — used as the primary relational data store, allowing the service to run at a minimal cost during development but readily scaling during the project’s planned later stages.
- Terraform — following an Infrastructure as Code paradigm, the entire platform has been built using Terraform, allowing us to more readily create, remove and iterate components and services.
Overview
Designing workflows to accommodate authentication and inconsistent connection
The focus of much of our work was designing a workflow by which data could be reliably and securely sent from a medical device and stored for analysis.
There are several points of interest here:
- The device must authenticate to allow the data to be sent securely with assured provenance.
- Authentication must require as little human intervention as possible.
- We cannot assume a consistent connection between the devices and our platform.
- We must account for failures both during authentication and during the transit of data.
We worked with Eventum Orthopaedics to design workflows that would accommodate the above.
Using Mutual TLS to limit human intervention and increase device control
Mutual TLS was chosen as the mechanism by which the devices would authenticate as this would:
- Require no human intervention beyond the initial provisioning of a certificate
- Allow us to uniquely identify the device from which data were being sent
- Allow us to revoke a certificate (and thus prevent a device from sending further data) should the need arise.
Any connection issues between the device and the platform will result in the device caching data and periodically retrying until a stable connection could be made. These data could then be attributed to specific patient data within the platform at a later time, minimising the work required from the device.
Value added for Eventum Orthopaedics
Immediate value add: clearly defined process and platform with clear outcomes
As the development of the medical device is key to the project’s success, having a clearly defined process and platform with which the developers can integrate has been paramount throughout. By tackling these key integration points early in the project, we have aimed to avoid anything which would impact the device’s development while providing a clear outcome for the development of the platform itself.
Future value add: ready access to data and scalability
There are two main areas for future success: scale and access.
Although the acquisition of the data has been the focus for this phase, providing ready access to analyse said data is core to the future success of the project. Similarly, any future development will result in increased resource demands—by opting to use AWS, using serverless components and aiming to de-couple services as much as possible, this will allow for any future growth while not impacting existing usage as components scale as required.
