FDB Vela secures E-Prescriptions with Azure, scaling for 1500% growth in capacity

FDB (First Databank) is at the forefront of MedTech innovation, providing some of the world’s most trusted drug databases to empower critical medical decisions. By partnering with customers, FDB advances safety and efficiency in patient care, helping to improve health outcomes. And now, the FDB Vela ePrescribing network is using automation to evolve the e-prescriptions process.

The company must balance growth with the need to safeguard FDB Vela’s massive amounts of protected health information (PHI), ensuring that each prescription is sent securely from doctors to pharmacies, and defending sensitive data from potential breaches.

When it comes to protecting customers’ most sensitive healthcare data, there are no shortcuts. Sean Taylor, Director of Research & Development for FDB Vela, says, “Our decision to work with Azure was driven by more than just scalability. It was about finding a cloud platform that could offer the security capabilities necessary to meet our privacy requirements and regulatory demands—all with the customer support we could count on.

Since moving to Azure, FDB has worked to proactively optimize FDB Vela’s security posture with a number of tools at their disposal, showing the transformative potential of the right cloud partnership.

The high stakes of health information

FDB Vela must ensure that millions of patient records, scripts, and healthcare details stay secure as they’re transmitted between doctors, hospitals, and pharmacies. Managing PHI is no small feat. The risk of data leakage not only exposes patients to identity theft but could also lead to serious financial and reputational consequences for the company responsible for safeguarding that data.

“For FDB Vela, this is more than a regulatory obligation; it’s a matter of trust,” says Taylor. “We need to make sure that we are doing everything in our power to protect this data because it’s essentially the customer’s most private information.” Moreover, HIPAA regulations govern the handling of patient data in the US, and a violation could mean significant fines and damage to FDB Vela’s credibility.

As FDB built the infrastructure for Vela, they knew security had to be baked into every step of the process. That meant adopting a secure, cloud-based approach that ensured continued compliance with HIPAA regulations while also maintaining the degrees of robustness and scalability required to handle an expanding network of pharmacies and healthcare providers.

Choosing a cloud

After considering several cloud platforms, Azure emerged as the best choice for FDB Vela’s security and infrastructure needs. “Azure is top of class. But the next-level differentiator for building it all in Azure was the support,” says Taylor. “We have total confidence in their support. No one else could match that.”

FDB liked that the support was in place to troubleshoot quickly and ensure that security measures are correctly implemented. Azure provided FDB Vela with an ecosystem that supported security-first practices while also delivering easy-to-use tools for configuring and managing the platform.

“And this security-first approach made it straightforward for us to get HITRUST certified,” Taylor notes, referencing one of the critical security certifications that FDB Vela had to achieve to onboard major customers like Humana. Azure’s built-in security solutions, including firewalls, key vaults, and resource locks, enabled Taylor’s team to meet certification standards quickly and efficiently. Thanks to this robust security foundation, the team achieved HITRUST r2 certification in just six months.

Proactive security and compliance

To further protect Vela’s system, FDB utilizes numerous Microsoft security tools like Microsoft Sentinel, Microsoft Defender for Cloud, Azure Resource Manager, and Azure Firewall to proactively optimize their security posture. And they have leaned into collaborating with Azure customer support, working to achieve a deeper partnership. The effect is a multi-layered approach to security, one that ensures that no single vulnerability can lead to a breach of sensitive data. The combination of Azure’s security features and FDB Vela’s internal security practices helped build a security culture that is both robust and resilient.

“We call it triple-layer protection, where we add layers to prevent access to sensitive data," Taylor explains. “This means that even if a malicious actor were to breach one layer of security, the other layers would still safeguard the data. This defends against specific threats like Distributed Denial of Service (DDoS) and data exfiltration attacks.”

By implementing IP filtering, FDB Vela ensures that all traffic is strictly limited to US-based actors, effectively blocking unauthorized access from outside the country (they only work with US-based companies). To fortify their defenses, they use Azure Web Application Firewall (WAF) to filter and thwart threats at Layer 7, the application layer that focuses on monitoring and protecting web traffic and application-specific data. Azure Application Gateway further strengthens security by managing VPN and routing requests, while API Management (APIM) integrates subscription keys and multi-factor authentication to secure incoming requests.

In addition to these measures, FDB Vela employs the Microsoft Defender suite to enhance security for their various workloads. This comprehensive deployment guarantees that even where security risks are less obvious, security remains a priority.

“Everything we have is behind a firewall, so it’s not even accessible on the public internet at all,” Taylor says. Additionally, all FDB Vela’s resources are locked down using resource locks and subnet configurations to limit access to sensitive data. With these layers in place, any attempt to exfiltrate data is thwarted at multiple points in the system.

The AI security frontier

As security becomes more complex, FDB is exploring ways to incorporate AI into their security practices. AI offers the potential to not just detect security threats but actively respond to them. They see AI solutions, such as Microsoft Security Copilot as the next frontier in protecting Vela.

“Microsoft Security Copilot can help us analyze any anomalous behavior and then act on it,” Taylor explains. With many thousands of transactions passing through Vela each day, AI will proactively identify potential threats, such as suspicious prescription patterns, before they escalate.

“I’d like to be able to use Microsoft Security Copilot not just to monitor but also thwart the attack,” Taylor says. The ability to have AI autonomously detect and respond to threats would greatly reduce the time it takes to address incidents and minimize any potential damage. Eventually, they would like to have a system that handles routine security events without human intervention, allowing the security team to dedicate their time to forward-looking issues.

Scaling securely

FDB is focused on continuing to optimize Vela’s infrastructure and safeguard that it scales securely as the e-prescription network grows. The goal is to handle 15,000 scripts per day by second quarter, with aspirations to scale up to 10,000 scripts per hour by the end of the year.

“Microsoft excels at scaling,” Taylor says. “The combination of Azure’s cloud services and Vela’s security architecture makes it possible for FDB to scale securely, without compromising on performance or compliance. The speed at which Azure can grow with the rate of ingestion is remarkable. ”

FDB’s proactive approach to security has allowed them to build a scalable system to fit their needs now and in the future. With the ever-growing importance of protecting patient data, the company’s commitment to security-first practices makes sure that Vela remains at the forefront of MedTech innovation.

“We simply can’t put anything at risk for anyone,” Taylor concludes. “We have to put as many layers as possible in place to avoid any bad actor getting in and doing anything with the data. Period.”

In an industry where the cost of a data breach is not just financial but personal, FDB Vela is focused on securely scaling and innovating its ePrescribing network to protect patients.

Discover more about FDB and FDB Vela. Follow FDB on LinkedIn.