Optimize Sitecore Operations with Automation (HIPAA Compliant)

Where you're currently deployed is less important than whether you are OK for us to deploy your Sitecore Website on a Microsoft Azure environment. For most clients we deploy into their Azure tenancy, but we are also able to stand up an Azure environment for them.

In most cases, we upgrade clients to a current supported version of Sitecore as part of the onboarding process. This may involve some level of remediation to ensure like-for-like functionality is carried through to the current version, or where appropriate retirement of legacy functionality.

Yes, any development team can use the platform. In simple terms, when your agency has code ready to deploy, they push the changes, and they or your team run the pipelines we provide the to deploy in accordance with an agreed governance process with zero downtime deployments and fast rollbacks where required.

Importantly, Dataweavers does not provide bespoke development, digital strategy, UX or any of the other specialist services that digital agencies typically take care of. We work hand in hand with your development team or partner to support them. We provide a secure, performant and reliable technology environment that help agencies to be productive, and we take care of how changes, such as code releases and technology updates are made to this environment.

This will typically depend on the scale and complexity of your environment. Traditionally, onboarding usually includes an upgrade and configuration remediation to best practice, so this is part of the schedule considerations, and includes the remediations necessary to deliver like-for-like functionality on the updated software version. As a guide though, we typically complete onboarding and upgrades in a third to a half the time of traditional upgrade approaches and the end-to-end onboarding cycle is usually 12-16 weeks.

To summarize, we have a muti-layered approach, comprising of CloudFlare Security Controls for BoT and DDOS protection, and Azure Front Door Provides WAF protection – so we are fully protected for the OWASP Top 10 issues and other Critical vulnerabilities. Additionally, we keep the environment and Sitecore fully patched.

Technically, you may get a pass on your site, but this also depends on what you're doing with the tracking of visitors and capturing their information. A good example may be a ‘contact us form’. For example, if you're tracking a potential patient who has an interest in certain procedures you have on your site, and tie that together with their contact details, that needs to be addressed. Above and beyond compliance, robust controls are a good practice for a secure, modern, and efficient operating model to achieve that provides peace of mind.

Current advice form the Sitecore Product team is they are still on the journey to becoming HIPAA compliant across their various composable cloud modules, and there is no date specified by which this will be achieved. Even where Dataweavers can implement a HIPAA complaint operating model, you will require the underlying platform to be HIPAA compliant (just as Microsoft provides for Azure).