Constellation Data Platform

Astrata’s Flexible Data Repository Enabling Quality and Value-Based Care Initiatives

Astrata’s Constellation Data Platform enables quality & value-based care initiatives across the organization.

Constellation connects two important trends in Healthcare IT:

1. A Sea of Healthcare Data: A typical health system has petabytes of patient data going back a decade or more, trapped in disparate software systems.

2. Apps and Services that Work on Data: Clinicians, patients, scientists, health IT professionals, and modern applications like NLP and machine learning need access to that data to deliver the highest quality care.

Multi-Layered Security

Constellation runs as a service, interacting with applications through authenticated web service calls on a combination of AWS and Azure. It’s built on a NIST-compliant architecture that adheres to AWS/Azure best practices for security and high- availability and relies exclusively on HIPAA-compliant infrastructure and services on AWS and Azure. Constellation doesn’t permit direct SOL (or similar) access. End users access Constellation data through an authorized app that invokes one or more APIs. Each service or application accessing an API must supply an authorized, unique application key. Constellation logs and timestamps every API call and generates audit logs of user access and security events; these logs can be modified for ingestion into a Clinical Log Aggregation System (CLAS), such as Fair warning.

Key Benefits

Decoupled

Constellation runs independently of existing systems. Build and deploy Constellation apps without affecting your EMR. You don’t have to purchase a new API from your EMR vendor or submit a ticket to your institution’s IT department.

APIs

A rich set of APIs let you search for healthcare data across a population, retrieve individual documents or specific clinical data elements, or listen for new events matching specific criteria.

Real-Time & Historical

Constellation is both a historical system—storing past clinical data, and real-time—capturing clinical data seconds after clinicians enter it.

Secure

100% HIPAA-compliant. built atop a NIST-compliant (SP 800-53) architecture. All access to Constellation APIs is time stamped and logged. To access any Constellation API, an app or service must have an authorized, unique application key.

Multi-Tenant

Constellation is a service, like Salesforce.com or Splunk. Every health system that uses Constellation has its own ‘tenant’: a unique, HIPAA- compliant, encrypted, password- protected cloud-based container for their data.

Your Data

Data Security

AWS-KMS (disk encryption)
EBS Snapshots (backup)
High Availability – Multi AZ Architecture

Platform Components

OWASP
Static Application Testing
HIPAA
NIST 800-53

Physical Security

Compliance Certifications (SOC 1/2/3, PCI-DSS)
FedRAMP, ISO 9001/2700
Laws, Regulations and Privacy (HIPAA, HITECH)
Business Associate Agreement/BAA Zone

Network Security

Software Defined Network (VPCs)
Firewalls (Security Groups)
AWS Shield Advanced
Open VAS
PrismaCloud

Endpoint Security

Ansible Playbooks for DISA STIG Hardening
Patch Management
CloudWatch
PrismaCloud

Policy Management & Operations

Data Governance
Incident Response
Infrastructure as Code
Elastic Infrastructure & Applications
Change Management
Monitoring & Automated Alerts
Least Privilege Access Controls
Separation of Duties
Security Awareness Training

Request a Demo