Building HIPAA-compliant applications with Citus Cloud and Postgres

Written by Craig Kerstiens
January 23, 2018

Today we're excited to announce that you can now use our fully-managed database as a service, Citus Cloud, to manage protected health information (PHI) and to build HIPAA-compliant applications on top of Postgres. For those of you building apps in healthcare environments regulated by the Health Insurance Portability and Accountability Act (HIPAA), you can feel safer knowing you now have a scalable Postgres database that meets your healthcare compliance requirements.

If you're building an application on top of Postgres and you need a combination of horizontal scale as well as HIPAA compliance, reach out to us if you want more information about getting a Business Associate Agreement (BAA) with Citus Data in place.

Using the Citus database to build HIPAA-compliant applications

Our new program for HIPAA compliance is geared toward both large healthcare organizations and small healthcare startups.

Whether you’re building multi-tenant applications or real-time analytics dashboards, our goal with all of our customers and for all of our use cases is to make it so you can scale your application and not be kept awake at night worrying about database performance or uptime. By enabling healthcare teams to manage their PHI data and meet their HIPAA compliance requirements, we’ve now made the Citus distributed database a good option for healthcare organizations.

Citus Data and HIPAA: horizontal scale and compliance for Postgres

For many SaaS applications, the need for a horizontally scalable database is clear. One day you're building your application and it's growing steadily, the next day you sign up a customer that doubles your data size. Suddenly you’re scrambling to figure out how to make your database support your new customer, without slowing things down for the rest of your customers. The good news: SaaS applications usually employ data models that have a natural dimension on which to shard the data, which makes the Citus approach to sharding and distributing the database across multiple nodes a good fit for these multi-tenant applications in the healthcare space.

In the past, before Citus, the engineering cost (and opportunity cost) of re-architecting your application to shard your database was quite high. By leveraging the Citus extension to Postgres, you can now scale out your database without having to divert your engineers from your core application. And you can save person-years of engineering.

Under the covers, Citus Cloud creates a number of logical shards and places these across multiple physical nodes. Then when it comes time to scale to get more performance out of your system, you simply add more nodes, rebalance your data, and then you're done. Scaling out your Citus database in the cloud is as easy as dragging a slider.

Curious how to scale out Postgres with Citus?

If you want to get a better idea of how the Citus extension to Postgres actually works and what it's like to work with our team, we'd be happy to talk: just contact us.

Craig Kerstiens

Former Head of Cloud at Citus Data. Ran product at Heroku Postgres. Countless conference talks on Postgres & Citus. Loves bbq and football.