About our Client

Our client is an American nonprofit organization dedicated to alleviating the burden of medical debt. By partnering with hospitals, third-party debt collectors, and leveraging donor support, the organization purchases millions of dollars of medical debt at reduced prices, ensuring clients are relieved of their debts without any negative impact on their credit ratings.

Since its establishment, the organization has successfully erased over $11 billion in medical debt, helping over 7 million Americans. The organization collaborates with medical providers to promote better financial aid initiatives and advocates for policy changes to improve medical debt regulations in the United States.

Challenge

The nonprofit needed a comprehensive infrastructure modernization. Initially, Apption was invited to assist with a smaller project focused on integrating PowerBI for their reporting. During this project, we identified significant opportunities for improvement in their infrastructure and application delivery, and successfully convinced the organization of the need to overhaul their entire infrastructure. Consequently, Apption was tasked with modernizing their infrastructure and application delivery. The work had to account for a tight cloud budget while ensuring that the nonprofit could maintain their HIPAA compliance and achieve SOC 2 compliance.

Apption’s Solution

Apption approached the modernization of the nonprofit’s infrastructure with a structured and phased strategy. We began by designing a robust Kubernetes cluster architecture on AWS, ensuring the new infrastructure could support the organization’s scaling needs while adhering to a tight cloud budget. This design prioritized compliance with SOC 2 and HIPAA standards, ensuring that all aspects of security and regulatory requirements were met from the ground up.

Once the infrastructure design was in place, we established a solid foundation for infrastructure management using Terraform. This enabled consistent and repeatable deployments across the environment. To further streamline infrastructure upgrades and maintenance, we introduced Terragrunt, which simplified and enhanced our Terraform workflows.

With the Kubernetes cluster ready, we proceeded to migrate all existing applications to Kubernetes. Leveraging Kubernetes for its scaling and self-healing capabilities ensured high availability and resilience of applications. During the migration, we also improved observability by integrating logging, metrics, alerts, and dashboards, providing better insights into system performance and health.

To streamline and accelerate the software development lifecycle, we implemented Continuous Integration/Continuous Deployment (CI/CD) pipelines leveraging GitHub Actions and Flux CD. This automation ensured faster, more reliable deployments and minimized the risk of errors. Additionally, we addressed vulnerabilities using Static Application Security Testing (SAST) like Sonarqube.

To safeguard the modernized infrastructure, we implemented comprehensive disaster recovery frameworks tailored to various scenarios, including regular production backups to both AWS and Google Cloud. Enhanced data and cloud security measures were put in place, significantly improving the organization’s security posture and bringing them closer to achieving SOC 2 compliance while maintaining HIPAA compliance.

Following the successful infrastructure modernization, the nonprofit was very pleased and commissioned Apption to help with application development. This included web applications using modern programming languages like Golang for its performance, as well as serverless application solutions on AWS designed to optimize performance and cost-efficiency. By modernizing the infrastructure and developing new services, Apption delivered a comprehensive solution that not only met the current needs of the nonprofit but also positioned them for future growth and success.

The Outcome

The infrastructure modernization resulted in significant time and cost savings, bringing the nonprofit closer to SOC2 compliance while maintaining HIPAA compliance. Apption completed the project within the tight cloud budget and delivered it ahead of the deadline.