Raffles Connect

A Bold Vision for Healthcare Cybersecurity

We deliver measurable results

ISO/IEC 27001

achieved

30%

saved of the manual testing effort

88.4 CSS Scores

for the DevSecOps team

95.22 CSS Scores

for the Core Service Squad

Get to know our client

CareHealth is in a strategic partnership with Raffles Medical Group—a leading integrated private healthcare provider in Asia—to launch Raffles Connect, a holistic and personalized platform offering health and wellness services.

CareHealth’s vision is to shape the future of healthcare so that everyone can live longer, healthier, and happier lives. Its mission is to create a world where healthcare and wellness are people-centered, comprehensive, and accessible.

Challenges

Targeted solutions for

Achieving Security Vision

In an era where digital threats are increasingly complex, safeguarding an organization’s digital assets is paramount. CareHealth aims to implement a system to manage risks related to the security of data owned or handled by them, adhering to best practices and principles of international standards.

The project began with a Testing effort and later extended to engage additional DevOps resources and software engineers. This phased approach laid the groundwork for a comprehensive approach driven by the complex nature of CareHealth’s system, which requires the integration of various frameworks and tools for efficient management.

Strategic DevOps and Testing Expansion

Following the success of the initial testing project, CareHealth identified two key areas for further enhancement:

  • First, to enhance environment segregation by ensuring that development, testing, and production environments are properly isolated, thereby improving security and efficiency.
  • Second, with the foundation of CareHealth’s Automation Testing team already in place, there was a plan to expand the team with resources from SmartOSC to increase the regression test coverage.

This expansion aims to enhance the overall efficiency and accuracy of the testing process, leveraging automation to conduct comprehensive tests across various platforms, including API, web, and mobile applications.

STRATEGY

Success mentality

 

 

“Our patient-centric vision requires a secure and reliable digital foundation. Partnering with SmartOSC has enhanced our cybersecurity and quality assurance efforts, supporting our ISO/IEC 27001 certification. Their expertise in AWS Multi-Account Environment Segregation, Automation Testing and Feature Development has been crucial in delivering a faster, more secure healthcare experience. SmartOSC’s collaboration has resulted in streamlined security protocols, improved testing efficiency, and seamless application development. Their comprehensive approach has strengthened our overall security and operational efficiency, ensuring we provide the best possible service for our patients.”

Thet Twe AungVP Engineering, Applications, CareHealth

SOLUTIONS

Our tools for success

Automation Testing

Building on the success of the initial assessment, CareHealth engaged SmartOSC to expand the test coverage and optimize the workflow. By collaborating with SmartOSC, CareHealth added additional automation testing resources to enhance its existing automation testing team. This approach allowed CareHealth’s manual QA team to focus on strategic functional testing activities, such as exploratory testing, usability testing, and user experience assessment. By integrating SmartOSC’s resources, CareHealth optimized its workflow, allowing the automation team to handle broader testing tasks, thereby improving efficiency and overall test coverage.

Infrastructure and Environment Segregation

In a collaborative effort between CareHealth’s DevSecOps team and SmartOSC, the project focused on improving the management of the existing AWS environment into multiple accounts to enhance security. Under the direction of CareHealth’s infrastructure team, SmartOSC participated in this segregation effort to better protect against insider and outsider threats. This multi-account AWS environment limits access to sensitive information and critical systems, ensuring that potential attacks can be easily isolated. This segregation approach, a best practice widely recognized in the financial industry, ensures that sensitive healthcare data is handled securely and that the platform remains resilient and protected.

Feature Development Augmentation

CareHealth, focused on rapidly developing new features, engaged SmartOSC to augment their engineering team with additional resources. This collaboration aimed to strengthen CareHealth’s ability to deliver new features quickly and efficiently. SmartOSC contributed by developing multiple backend functionalities and improving frontend performance. This partnership enabled the timely delivery of features such as customized benefits based on member types, a user nutrition tracker, and improved authentication for the sign-in/sign-up flow, resulting in a more feature-rich and responsive application.