AWS Architecture Blog·June 1, 2026Designing a HIPAA-Compliant Cloud Contact Center with AWS Connect
This article details how New York Cancer and Blood Specialists (NYCBS) transformed its patient support operations by migrating to a dedicated Amazon Connect instance on AWS. It outlines the three-layer architecture for handling patient calls, integrating AI/ML capabilities, and ensuring HIPAA compliance. The solution significantly improved patient enrollment and operational efficiency through automated, multi-language call routing and real-time monitoring.
Read original on AWS Architecture BlogNew York Cancer and Blood Specialists (NYCBS) faced the challenge of optimizing its manual call handling process for over 250,000 annual patient calls across more than 100 specialized queues. To address this, NYCBS partnered with AWS and Pronetx (now Caylent) to implement a cloud-based contact center solution utilizing Amazon Connect. A key architectural decision was migrating from a shared multi-tenant environment to a dedicated Amazon Connect Customer instance, which provided enhanced flexibility, security, and access to native features crucial for healthcare workflows.
Three-Layer Architecture for Patient Experience
The solution employs a robust three-layer architecture designed to manage various aspects of patient experience while strictly adhering to HIPAA compliance requirements. Each layer leverages specific AWS services to deliver its functionality:
- CTR Management Microservice: Handles Contact Trace Record (CTR) processing. It uses Amazon API Gateway as the entry point, AWS Lambda for retrieving and processing call disposition codes, and Amazon DynamoDB for storing this data efficiently.
- Core Contact Center Services: The central Amazon Connect instance orchestrates incoming agent flows and call routing to over 100 queues. AWS Secrets Manager secures credentials, Amazon Polly provides text-to-speech for IVR, and DynamoDB stores configuration for flexible management.
- Call Recording and AI/ML Pipeline: Stores call recordings and artifacts in Amazon S3. AWS Lambda processes voicemails, Amazon Transcribe converts them to text, and subsequent Lambda functions create cases from these transcriptions. Amazon Lex powers conversational chatbots, integrating AI into the patient interaction workflow.
Shared Services and Integrations
The architecture is built upon foundational AWS services and integrates with external systems:
- Infrastructure as Code (IaC): AWS CloudFormation automates deployment.
- Security & Compliance: AWS IAM manages access, AWS KMS encrypts sensitive data, and AWS Secrets Manager secures credentials, all vital for HIPAA compliance.
- Monitoring & Notifications: Amazon CloudWatch provides logging and monitoring, while Amazon SNS delivers alerts.
- External Systems: Integrations include Microsoft Intune ID for identity management and NYCBS's on-premises systems.
Key System Design Takeaway
Opting for a dedicated cloud service instance (like Amazon Connect) over a multi-tenant environment can provide critical advantages in healthcare, including enhanced security isolation, granular control over features, and simplified compliance for regulations like HIPAA. This allows for tailored configurations like multi-language routing and specialty-based queue prioritization that might be constrained in shared setups.
This modernized approach led to a 54 percent improvement in patient enrollment by enabling automated multi-language routing (English, Spanish, Russian, Mandarin), specialty-based queue prioritization for urgent cases, and real-time agent monitoring. The system maintains HIPAA compliance through robust security measures such as role-based access controls, encryption, and secure credential storage.