When delivering software to our customers or helping them setup a DHIS2 for their National Health Information System (NHIS), we always end up with the same question: where should to host the system? While Web Applications can be developed using various languages and technologies, they are common enough to require at minimum a database (to host the data), a web server (to run the code and pages that make the application), and possibly a few other services (e.g. a mail server).
At BlueSquare, we frequently talk about health data, some of which is sensitive (though it’s mostly aggregated data, i.e. not individual patient data), therefore a relatively frequent request or requirement is to “simply” host it inside or close to the customer’s office (e.g. ministry of health).
What looks like a straightforward and easy decision to make, can be everything but. Hosting software presents an array of very specific challenges:
Meeting these challenges requires an appropriate set of skills.
Having made a quick rundown of the few important questions to keep in mind, here’s a short overview of typical hosting options. They’re listed in ascending order of both service (i.e. simplest to most comprehensive) and cost (i.e. cheapest to most expensive) for the same level of machine/power:
The table below shows a summary of who does what, depending on the service:
While quality can go up when you choose more advanced services, so does the price. That being said, the company providing the services is still often very cheap for a good reason: hosting your software is their main and only job — meaning they recruit the people needed for that, achieving not only great service, but also an impressive level of productivity.
One last important point: the privacy rules. Most providers abide by the laws set in their various regional location. As a very general rule, the EU and US have different views on privacy. The EU generally being more strict in its regulation than the US. As a consequence, given the choice, we often advise people to host sensitive data in the EU if possible (every big provider gives you the option of where you want your data to be located).
There are not (yet) big players in Africa, but local providers can be found and could become alternative to the big US players — again, they should be evaluated against the same criterias.
Where to host and what level of service to pay for are key decisions that shouldn’t be taken lightly and require thorough comparative analysis. It’s important to pay attention to, for example, security, reliability and cost of the self hosting service with providers such as Heroku or Amazon.
For example, Heroku’s reliability for the last 60 days is 99.995% — that’s 20 minutes of downtime per year, and the security measures they have in place are listed here. I encourage you to check the situation and numbers on your own system and compare. Beating those levels of service is really difficult, and almost impossible if you factor in the cost.
The big take away is: when considering where to host your software, apply the same level of criteria and requirements to all options — including the self hosting. Most people I’ve met assume that in-house systems are more secure and while in some cases that might be true, it’s not a given. So be prepared, and choose wisely.
Written by Martin Van Aken, CTO of BlueSquare. Find him on LinkedIn here and Twitter here.
Talk to a Bluesquare expert.
