Doctors on Demand

Enhancing Azure-Provided security

As a relatively new business, DoD works with a small core staff, while servicing over 60,000 patients with 40 active doctors on their platform. New doctors are added continually, and in today's COVID-19 times, telehealth has skyrocketed as an effective means to keep patients out of waiting rooms or clinics. With Medicare, Australia's universal health insurance scheme, now covering telehealth, it has become an affordable service resulting in a significant patient increase. Many corporations are also collaborating with DoD to provide virtual healthcare to staff and their families, as an employee benefit.

Kirsty Garrett is DoD’s CEO: “We are a pure-cloud offering, working in an Azure environment. As our service attracts more corporate clients, and we manage patients’ sensitive data, we realize the importance of meeting and exceeding the highest security level available. We want to comply with specific requirements including Commonwealth ISM, ISO 27001, and GDPR which will enable our international expansion plans. We have access to good security protocols and tools through Azure, but we still felt our overall security approach was ad-hoc, and dependent on the knowledge and experience of our people. There was an opportunity to assess our security capability and formalise our processes and policies.”

Working with KJR and Micro Focus (now OpenText™) ensures we meet the highest global security standards available to always protect our patients sensitive data.

Fortify on Demand uncovers vulnerabilities

Security management is a journey, not a one-off exercise, involving people, processes, and technology. To access this specific skills set, DoD engaged with OpenText Gold Partner KJR to identify any security gaps, protect them against vulnerabilities, and ensure they are certified as compliant with relevant regulations. KJR recommended deploying Fortify on Demand by OpenText. This application security as a service provides security testing and vulnerability management. DoD was convinced by Gartner declaring Fortify a global leader in the relevant magic quadrant, and the capabilities Fortify offers, as explained by Graham Cummins, General Manager with KJR: “Fortify offers DoD the ability to detect over 1,000 unique categories of vulnerabilities across 26 programming languages that span over one million APIs. This provides the most up-to-date security solution in a simple to use and competitively priced SaaS offering.”

DoD used Fortify on Demand (a SaaS based solution powered by AWS) to scan the source code of the public web application www.doctorsondemand.com.au as well as their iOS and Android applications to ensure potential links between the mobile apps and the web application were taken into account. “Following an initial security review, this process was managed by KJR”, comments Garrett. “Some minor vulnerabilities were uncovered by Fortify and these were easily remediated by KJR, ensuring we reached our business goals. The scan reports gave us a really targeted approach to improve our cyber security— very helpful when we try to achieve so many things as a relatively small team.”

Supporting security through rapid business growth

DoD took the opportunity to work with KJR on a risk management framework and a 24-month roadmap to prioritise their efforts based on risk assessment and business requirements. This will take DoD beyond any other telehealth provider in terms of cyber security standards. COVID-19 has prompted a big growth in the telehealth sector, according to Garrett: “Pre-COVID-19 our monthly growth was around 30 percent. In the last three months we have grown our doctor base by 235 percent, while web traffic and year on year revenue increased by 144 percent. The current situation clearly shows the potential and effectiveness of telehealth and we are confident that DoD will continue to grow beyond COVID-19.”

She concludes: “Working with KJR and Micro Focus (now OpenText) ensures we meet the highest global security standards available to always protect our patients’ sensitive data. Governing bodies, corporations, and our patients are reassured by this, even though it’s something patients don’t particularly want to think about. They just want easy and cost-effective access to healthcare, best summed up by this recent patient testimonial: ‘This is such an amazing service. I was in isolation and couldn’t access a doctor physically. The process to sign in and make an appointment was easy to do. The service was exceptional and I could not recommend it more highly. No more long waits in doctors’ surgeries for me.”

Pre-COVID-19 our monthly growth was around 30 percent. In the last three months we have grown our doctor base by 235 percent, while web traffic and year on year revenue increased by 144 percent.