Case Study: Healthcare

HIPAA-Compliant AWS Multi-Account Architecture Using Terraform

Meddilink

Key Challenges

Single-Account Architecture — Meddilink’s entire cloud infrastructure operated within a single AWS account with no separation between production, staging, and development environments. Critical patient health information (PHI) had no isolation boundaries, creating significant compliance risks and making it impossible to enforce environment-specific access controls.

Provisioning Bottlenecks — Infrastructure provisioning was a manual process taking approximately 48 hours per environment. Each new clinic onboarding or environment setup required hands-on configuration by the infrastructure team, creating bottlenecks that slowed Meddilink’s expansion across new regions and markets.

Lack of Governance — Without centralized policies or preventive guardrails, teams could provision resources without oversight. There were no Service Control Policies (SCPs) to enforce tagging standards, restrict non-compliant resource types, or ensure consistent security configurations across the organization.

Compliance Risk — As a healthcare platform processing PHI across multiple jurisdictions, Meddilink needed to demonstrate compliance with HIPAA, GDPR, and regional healthcare data protection requirements. The single-account architecture with no environment isolation made continuous audit readiness impossible and created material compliance gaps.

Scaling Without Foundation — Meddilink was expanding rapidly into new markets — Europe, the Middle East, and APAC — but lacked the foundational cloud architecture to support multi-region deployments with appropriate data residency controls, cross-region networking, and centralized security monitoring.

Our Approach

Kansoft’s cloud engineering team executed a foundation-first infrastructure transformation:

Foundation-First Strategy — Rather than patching the existing single-account setup, Kansoft designed a greenfield multi-account architecture built on AWS best practices and compliance requirements, then migrated workloads systematically.

Multi-Account Architecture — Designed an AWS Organizations-based account structure using AWS Control Tower, with dedicated accounts for production (PHI-isolated), staging, development, security, logging, shared services, and networking — ensuring complete workload and data isolation.

IaC with Terraform — Built a comprehensive library of reusable, versioned Terraform modules for every infrastructure component — networking, compute, storage, IAM, security controls, and monitoring — ensuring consistent, auditable infrastructure provisioning across all accounts and regions.

Policy-Driven Governance — Implemented preventive controls using Service Control Policies (SCPs) at the organization level and detective controls using Sentinel and Open Policy Agent (OPA) to enforce compliance guardrails, tagging standards, and security configurations automatically.

GitOps Workflow — Established a GitOps-based deployment model where all infrastructure changes are defined in code, reviewed through pull requests, validated by automated compliance checks, and deployed through CI/CD pipelines — creating a complete audit trail for every infrastructure modification.

Phased Execution — Delivered the transformation in phases: foundation (accounts, networking, IAM), automation (Terraform modules, CI/CD), governance (SCPs, monitoring, alerting), and migration (workload migration with validation).

Solutions Delivered

Multi-Account Landing Zone — Deployed a production-grade AWS landing zone with AWS Control Tower and Organizations, creating dedicated accounts with PHI isolation for production workloads. Each account has its own VPC, security boundaries, and access controls, ensuring patient data never commingles with non-production environments.

Preventive Policy Guardrails — Implemented Service Control Policies (SCPs) enforcing organization-wide security standards including mandatory encryption, restricted resource types, required tagging schemas, and region-based deployment restrictions. These preventive controls ensure non-compliant resources cannot be provisioned anywhere in the organization.
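The guardrails described above (region restriction, mandatory encryption, required tags, audit-trail protection) can be expressed as a single SCP managed from Terraform. The following is an added illustration written for this page, not Meddilink's or Kansoft's actual policy; the OU id, the approved-region list, the `DataClassification` tag key and the exempted global services are assumptions chosen for the example.

```hcl
# Added example (not the project's code). Assumes an existing Organizations OU
# (var.phi_ou_id) and a data-residency region list (var.allowed_regions).
variable "phi_ou_id" {
  description = "Hypothetical id of the OU that holds the PHI production account"
  type        = string
}

variable "allowed_regions" {
  description = "Regions in which PHI workloads may be created (data residency)"
  type        = list(string)
  default     = ["eu-west-1", "eu-central-1"]
}

data "aws_iam_policy_document" "phi_guardrails" {
  # Region restriction: deny any call outside the approved regions. Global
  # services are exempted because their endpoints report us-east-1.
  statement {
    sid    = "DenyOutsideApprovedRegions"
    effect = "Deny"
    not_actions = [
      "iam:*", "organizations:*", "sts:*", "support:*",
      "cloudfront:*", "route53:*", "budgets:*", "health:*",
    ]
    resources = ["*"]
    condition {
      test     = "StringNotEquals"
      variable = "aws:RequestedRegion"
      values   = var.allowed_regions
    }
  }

  # Mandatory encryption: block unencrypted EBS volumes and RDS storage.
  statement {
    sid       = "DenyUnencryptedEbsVolumes"
    effect    = "Deny"
    actions   = ["ec2:CreateVolume"]
    resources = ["*"]
    condition {
      test     = "Bool"
      variable = "ec2:Encrypted"
      values   = ["false"]
    }
  }
  statement {
    sid       = "DenyUnencryptedRds"
    effect    = "Deny"
    actions   = ["rds:CreateDBInstance", "rds:CreateDBCluster"]
    resources = ["*"]
    condition {
      test     = "Bool"
      variable = "rds:StorageEncrypted"
      values   = ["false"]
    }
  }

  # Required tagging: new instances and volumes must carry DataClassification.
  # The Null test matches requests where the tag key is absent.
  statement {
    sid     = "DenyUntaggedEc2Resources"
    effect  = "Deny"
    actions = ["ec2:RunInstances", "ec2:CreateVolume"]
    resources = [
      "arn:aws:ec2:*:*:instance/*",
      "arn:aws:ec2:*:*:volume/*",
    ]
    condition {
      test     = "Null"
      variable = "aws:RequestTag/DataClassification"
      values   = ["true"]
    }
  }

  # Audit trail protection: nobody in the OU, including account admins,
  # can switch off or alter CloudTrail.
  statement {
    sid       = "ProtectCloudTrail"
    effect    = "Deny"
    actions   = ["cloudtrail:StopLogging", "cloudtrail:DeleteTrail", "cloudtrail:UpdateTrail"]
    resources = ["*"]
  }
}

resource "aws_organizations_policy" "phi_guardrails" {
  name    = "phi-guardrails"
  type    = "SERVICE_CONTROL_POLICY"
  content = data.aws_iam_policy_document.phi_guardrails.json
}

# Attaching to the OU applies the policy to every account under it.
resource "aws_organizations_policy_attachment" "phi_ou" {
  policy_id = aws_organizations_policy.phi_guardrails.id
  target_id = var.phi_ou_id
}
```

Two points worth checking before applying a policy like this: SCPs filter permissions but grant none, so each account still needs IAM policies for the access it requires; and the management account is not subject to SCPs, which is one reason to keep workloads out of it.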

Terraform Automation Framework — Built a library of composable, versioned Terraform modules covering VPC design, subnet architecture, security groups, IAM roles and policies, compute provisioning, storage configuration, and monitoring setup. Teams use these modules to provision compliant infrastructure consistently across all accounts.

GitOps Deployment Model — Implemented a fully automated infrastructure deployment pipeline where every change flows through version-controlled repositories, peer review, automated compliance validation, and CI/CD deployment. The complete audit trail satisfies regulatory requirements for change management documentation.

Secure Cross-Account Networking — Architected networking using AWS Transit Gateway with centralized egress, cross-account VPC connectivity, and network segmentation ensuring secure communication between accounts while maintaining strict isolation between PHI and non-PHI environments.

Centralized IAM & RBAC — Deployed centralized identity and access management with role-based access control (RBAC) across all accounts. Fine-grained IAM policies enforce least-privilege access, and cross-account role assumption is controlled through explicit trust policies with MFA requirements.
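The cross-account pattern described above (a role in the PHI account whose trust policy names the central identity account and requires MFA, paired with least-privilege permissions) looks like the following in Terraform. This is an added example for this page, not the project's code; the account id variable, role name, bucket name and session limits are assumptions.

```hcl
# Added example (not the project's code). Hypothetical identity account id.
variable "identity_account_id" {
  description = "Hypothetical id of the central account where operators authenticate"
  type        = string
}

# Trust policy for a role in the PHI production account. Only principals from
# the identity account may assume it, and only with a recent MFA session.
data "aws_iam_policy_document" "phi_readonly_trust" {
  statement {
    sid     = "AllowAssumeFromIdentityAccountWithMfa"
    effect  = "Allow"
    actions = ["sts:AssumeRole"]
    principals {
      type        = "AWS"
      identifiers = ["arn:aws:iam::${var.identity_account_id}:root"]
    }
    condition {
      test     = "Bool"
      variable = "aws:MultiFactorAuthPresent"
      values   = ["true"]
    }
    condition {
      test     = "NumericLessThan"
      variable = "aws:MultiFactorAuthAge"
      values   = ["3600"] # MFA must have been completed within the last hour
    }
  }
}

resource "aws_iam_role" "phi_readonly" {
  name                 = "phi-readonly-operator"
  assume_role_policy   = data.aws_iam_policy_document.phi_readonly_trust.json
  max_session_duration = 3600 # short-lived credentials for PHI access
}

# Least privilege: read-only on one PHI bucket, and only over TLS.
data "aws_iam_policy_document" "phi_readonly_perms" {
  statement {
    effect  = "Allow"
    actions = ["s3:GetObject", "s3:ListBucket"]
    resources = [
      "arn:aws:s3:::phi-records-prod",   # hypothetical bucket
      "arn:aws:s3:::phi-records-prod/*",
    ]
    condition {
      test     = "Bool"
      variable = "aws:SecureTransport"
      values   = ["true"]
    }
  }
}

resource "aws_iam_role_policy" "phi_readonly" {
  name   = "phi-readonly"
  role   = aws_iam_role.phi_readonly.id
  policy = data.aws_iam_policy_document.phi_readonly_perms.json
}

# Source side (attached to an operator group in the identity account): trust is
# explicit on both ends, so an identity-account user also needs this grant.
data "aws_iam_policy_document" "allow_assume_phi_readonly" {
  statement {
    effect    = "Allow"
    actions   = ["sts:AssumeRole"]
    resources = [aws_iam_role.phi_readonly.arn]
    condition {
      test     = "Bool"
      variable = "aws:MultiFactorAuthPresent"
      values   = ["true"]
    }
  }
}
```

Naming the identity account's `:root` principal delegates the decision of who may assume the role to that account's own IAM policies, which is why the source-side grant is part of the design. The `aws:MultiFactorAuthPresent` key is populated for IAM users and roles that authenticated with MFA; for principals federated through IAM Identity Center it is absent and a `Bool` test evaluates to false, so in that setup MFA is enforced at the identity provider instead of in the trust policy.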

Why Kansoft

Kansoft’s deep expertise in healthcare cloud architecture, compliance-driven infrastructure design, and Terraform automation made them the ideal partner for Meddilink’s foundational transformation. The team’s understanding of HIPAA and GDPR requirements — and their ability to translate regulatory controls into AWS architectural patterns — ensured Meddilink could confidently scale across regions while maintaining continuous compliance posture. By building governance into the foundation rather than retrofitting it, Kansoft delivered an architecture that grows with Meddilink’s global expansion.

Business Impact

  • 80% provisioning reduction — Environment setup reduced from ~48 hours to minutes through Terraform automation and self-service templates
  • 85% infrastructure automation — Manual infrastructure tasks replaced with code-driven, repeatable, auditable workflows
  • 60% incident reduction — Configuration drift and security misconfigurations eliminated through GitOps practices and preventive policy enforcement
  • 50-70% ticket reduction — Self-service infrastructure provisioning with built-in guardrails removed the infrastructure team as a bottleneck
  • Zero configuration drift — All environments maintained in consistent, version-controlled state through Terraform state management and GitOps
  • Continuous audit readiness — Complete audit trails for all infrastructure changes, automated compliance checks, and preventive controls ensure Meddilink is always ready for HIPAA and GDPR audits
  • PHI isolation enforced at the account level, supporting multi-region expansion with appropriate data residency controls

Client Overview

Meddilink is a global IVF-focused digital health platform supporting over 250 fertility clinics across India, Europe, the Middle East, and emerging APAC markets. Its flagship platform delivers a comprehensive EMR system purpose-built for Assisted Reproductive Technology (ART), managing the complete patient lifecycle—from consultation to live birth outcomes.

  • Industry: Healthcare
  • Technology Stack: AWS, Terraform, AWS Control Tower, AWS Organizations, SCPs, Sentinel/OPA, AWS Transit Gateway, AWS Secrets Manager, CloudWatch
  • Services Used: Cloud Infrastructure & Security, DevOps & Platform Engineering, Cloud Migration & Strategy, Managed Cloud & DevOps, Data Platform & Engineering
