IoT firmware, an easy-to-use user portal and distributor visibility into user adoption. All securely within HIPAA compliance.

IOT Firmware

Company:

Medical Device Company in stealth mode is planning a global launch of a medical device came to Kirk to design a patient portal that captured the data from a medical device and then presented this data on a portal that was viewable by Doctors, distributors and patients. 

 

Technologies Employed:

  • Device Firmware
  • IoT Platform & Data Pipeline
  • Data Tier
  • HIPAA Alignment
  • User Portal and API
  • Operations & Infrastructure

THE Challenge:

Working with medical devices requires a team that has extensive experience in Hippa Security, not only at the device level but also within multiple cloud and database infrastructures.  

Solution:


Working with the company Kirk developed a portal solution that incorporated the expertise of UI/UX development ensuring that the end user had a portal that was easy to navigate. For distributors of the product it was important to be able to show user adoption and user use rates allowing the distributors to see who was using the devices and who was not.

“Few companies had the scope and understanding of the problem. Or they lacked the compliance expertise of Kirk”

-Compliance & Security Officer

Security & Compliance


Kirk also had to develop a platform that was secure. Using a “Zero Trust “ Methodology, Kirk and its team deployed a number of strategies to ensure that data was properly authenticated and protected while in transit, in the cloud or in the database.  Kirk created a Device to network infrastructure authentication is based on mutual TLS encryption with X.509 certificates to prevent data tampering and impersonation. Data is encrypted in transit end-to-end and at rest.

Development at Scale

Kirk Tech Solutions team has the breadth, depth and global experience to analyze, strategize  and develop solutions that can make the most out of your data: This could be customer data, sales data or IOT/device data.

Technologies Employed

“Kirk Tech Solutions was tasked with migrating EnvoMask’s website to Shopify, ensuring the transition was seamless and met the company’s specific needs. Despite the complexities, Kirk was able to deliver a solution that addressed both the functional and design challenges.”

-Compliance & Security Officer

Data Tier
A managed Amazon RDS (PostgreSQL) deployment supports transactional storage, audit trails, and portal queries. The data tier is robust, resilient, and scalable.
HIPAA Alignment
Role-based access, fine-grained permissions, and audit logging ensure compliance with healthcare data standards.
User Portal and API
The user portal backend is hosted behind an AWS Application Load Balancer, providing a resilient and scalable system. Web application services are built around a Django REST Framework (DRF), providing robust API endpoints with built-in security controls.
Device Firmware
Medical hardware devices communicate using both HTTP(S) and MQTT protocols with an Internet of Things (IoT) backend endpoint.
IoT Platform & Data Pipeline

Kirk employed an AWS IoT Core serves as the secure entry point for device communications, scaling to 1M+ devices and backed with a serverless and resilient infrastructure. Data transport from device to IoT Core is over a secure cellular network with Wi-Fi backup. The backend data pipeline itself resides in a secure, virtual private cloud and is supported by AWS S3, SQS, and Lambda functions. 

Finally, a zero-trust methodology ensures that all device, user, and system interactions are secured, authenticated, and authorized. An API Gateway shields a Help Me! troubleshooting diagnostic service endpoint for devices 
to asynchronously upload trouble information.

Operations & Infrastructure
  • Infrastructure as Code (IaC): Terraform modules provision and manage AWS accounts, networking (VPC, subnets, security groups), IAM roles, and storage resources.
  • Monitoring: AWS CloudWatch integrated for logging and performance metrics; alerts configured for anomalies in device data flows or infrastructure health.
  • API Gateway, Web Application Firewall (WAF), AWS Shield, and CloudFront used to provide robust prevention and mitigation against multiple attack vectors including DoS.
  • Global Reach: Architecture designed for multi-region expansion, supporting millions of devices and tens of thousands of portal users as adoption scales.

Solution Ecosystem

Leveraging our deep knowledge in UI/UX, Cloud, Database and AI computing, Kirk collaborates with top solution providers to tackle the toughest challenges growing businesses are facing today.

Node
React
AWS
Cloud Computing
GraphQL
GitHub

It all starts with a conversation

Whether you’ve got a quick question or you want to run through the details
of your next project, we can help. Speak to an experts 603 828 6850

schedule a 30 min call
DISCUSS A PROJECT