Sovereign cloud: Building a future-proof health care platform for Sana

The extensive requirements made it clear that setting up and operating a future-proof cloud platform required more than just technological know-how. For this reason, Sana collaborated with Deloitte to support the project, given its extensive experience in the health care industry, Cloud experience, and demonstrated operational capabilities. STACKIT, a German provider of sovereign cloud solutions, was also engaged to work with Sana and Deloitte. STACKIT—part of Schwarz Digits, the IT and digital division of the German Schwarz Gruppe—offers infrastructure-as-a-service (IaaS) and platform-as-a-service (PaaS) solutions that are entirely hosted in German data centers. 

Implementation took place in four steps according to Deloitte's Cloud Transformation Playbook. This involved Deloitte specialists from Cloud Strategy & Transformation, Cloud Engineering & Platform Development, and the Deloitte Operate team, who worked closely with the Sana Clinics IT team throughout. First, the cloud architecture was defined based on requirements and Deloitte leading practices. Second, rapid assessments were used to determine suitable approaches for integrating the various applications into the target architecture model. Third, they set up the cloud landing zone on STACKIT as a secure framework for the platform and implemented scalable Kubernetes clusters. These form the foundation for the ePA-relevant OmniConnect software and other forward-looking services. Lastly, the initial cloud applications were rolled out in selected clinics.

The newly established cloud operating model also involved creating corresponding roles (e.g., service owners). This was implemented in stages: initially, the roles were staffed jointly by Deloitte and Sana, before handing them over completely to the Sana teams. To prepare the Sana teams for their new tasks and build the necessary skills, Deloitte conducted targeted cloud training courses in parallel, covering topics ranging from governance and Kubernetes to automation. The training content was the same as that used by Deloitte for its own training courses. STACKIT’s specialists were also closely involved in the project, for example, to troubleshoot problems and clarify complex technical concerns, including daily tri-teaming formats. A joint Project Management Office (PMO) and a shared decision and risk log helped manage complex stakeholder interests efficiently.

“By working with STACKIT as our platform partner and Deloitte on project implementation, we have laid the foundation for a secure cloud platform. It was important to us to take an approach that combines implementation and empowerment, so that Sana IT Services can continue to operate and expand the platform independently.”

-Tobias Eimermacher, Managing Director of Sana IT Services GmbH

Sana, Deloitte, and STACKIT have implemented a sophisticated and innovative project with sovereign cloud that resonates with the spirit of the times. It is also relevant for many other companies and organizations in the critical infrastructure sector and regulated industries. This collaboration demonstrates the potential of a sovereign cloud ecosystem that’s “Made in Germany” - integrating infrastructure, security, and delivery.

“We are delighted with the successful outcome of this strategic project, in which we designed and built a secure, scalable cloud for Sana in a very short time. The close collaboration between Deloitte, Sana and STACKIT, as well as Deloitte's technology and industry knowledge and experience, are the cornerstones of this flagship project for the health care sector and other industries where digital sovereignty is crucial.”

-Dr. Benedikt Ernst,Director, Cloud Strategy & Transformation, Deloitte Germany