Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Updated service architecture diagram

Production (PRD) and Integration (INT) environments

The diagram below shows the Tidepool Production (PRD) environment in detail.


[Image removed] [Image added: Tidepool Platform Services v4.png]

Figure 2: Tidepool Production Environment (PRD)


All Production, [removed: Integration, QA] [added: Operations], and [removed: INT environment servers] [added: Development services] are hosted on dedicated, HIPAA-compliant AWS EKS Kubernetes clusters.

All Analytics and Sandbox environments are hosted on dedicated HIPAA-compliant [removed: EC2 virtual machines and eventually dedicated, HIPAA-compliant AWS EKS Kubernetes clusters] [added: environments, though do not contain PHI].

Our [removed: Ops] [added: Operations], [removed: QA] [added: Development], and Sandbox environments are only used internally for Tidepool development, do not host end-user PHI, and are not covered under our HIPAA BAAs, but run in identical and separate environments for consistency in development, testing, and data isolation.

Tidepool uses a standard minimal Linux distribution, Alpine, which is secured by default and from which all unnecessary software packages and dependencies have been removed. This minimizes the system footprint and reduces the attack surface: software and services that are not installed cannot be exploited and do not need to be patched.


All production user data is hosted in MongoDB instances running inside of MongoDB Atlas.

These Database as a Service (DBaaS) instances also run on AWS, but the database infrastructure is operated as a managed service under the care of MongoDB. MongoDB Atlas handles backups, software upgrades and patching of the databases, and network security.

All environments also store data in secure private encrypted AWS S3 buckets. There is no access granted to these S3 buckets other than via explicit policy, and only systems hosting the data and Tidepool AWS administrators may access S3 buckets. See Production access for additional details.
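As an added illustration of the "no access other than via explicit policy" rule described above (an example bucket policy written for this page, not Tidepool's actual configuration), the policy below denies every principal except two placeholder IAM roles, refuses requests that do not use TLS, and rejects uploads that do not declare server-side encryption. The bucket name, account ID and role names are placeholders.

```json
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "DenyAllPrincipalsExceptDataServiceAndAdmins",
      "Effect": "Deny",
      "Principal": "*",
      "Action": "s3:*",
      "Resource": [
        "arn:aws:s3:::EXAMPLE-phi-bucket",
        "arn:aws:s3:::EXAMPLE-phi-bucket/*"
      ],
      "Condition": {
        "ArnNotLike": {
          "aws:PrincipalArn": [
            "arn:aws:iam::111122223333:role/EXAMPLE-data-service",
            "arn:aws:iam::111122223333:role/EXAMPLE-aws-admin"
          ]
        }
      }
    },
    {
      "Sid": "DenyInsecureTransport",
      "Effect": "Deny",
      "Principal": "*",
      "Action": "s3:*",
      "Resource": [
        "arn:aws:s3:::EXAMPLE-phi-bucket",
        "arn:aws:s3:::EXAMPLE-phi-bucket/*"
      ],
      "Condition": {
        "Bool": { "aws:SecureTransport": "false" }
      }
    },
    {
      "Sid": "DenyUploadsWithoutServerSideEncryption",
      "Effect": "Deny",
      "Principal": "*",
      "Action": "s3:PutObject",
      "Resource": "arn:aws:s3:::EXAMPLE-phi-bucket/*",
      "Condition": {
        "Null": { "s3:x-amz-server-side-encryption": "true" }
      }
    }
  ]
}
```

Because the first statement is an explicit Deny, it overrides any Allow granted elsewhere (including to the account root), so the exception list must be correct before the policy is applied; S3 Block Public Access should be enabled on the account as well, since a bucket policy alone does not prevent ACL-based exposure.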

Network environments and virtual instances are designed and configured to restrict and monitor traffic between trusted and untrusted connections.

The PRD environment consists of:

  • cluster-production: the Tidepool application, hosted in a Kubernetes cluster.

  • atlas-prd-db1, atlas-prd-db2, and atlas-prd-db3: the MongoDB Atlas production cluster, configured as a replica set of three servers in a primary-secondary-secondary configuration (MongoDB info), in separate availability zones (see Use of MongoDB and Availability Zones).

Data from individual clinics or health systems is not kept physically separated, but there is no risk of commingling data between clinics: each user is protected by a distinct user ID. [removed: Data is logically separated by user ID.] [added: Tidepool Services run as a multi-tenant service, and data access is restricted via RBAC and access controls.]

To synchronize the system clocks of all relevant information processing systems to facilitate tracing and reconstitution of activity timelines, all Tidepool servers sync to nist.gov using Network Time Protocol (NTP) or to Amazon Web Services NTP sources that do the same.