Our Technology

Backend

State-of-the-art micro services architecture

  • Mainly based on Spring Boot Services, connected to PostgreSQL databases
  • Additionally, Rust Services as hardware-related services for extra performance in time-critical applications
  • High scalability, very good maintainability and simple integration of future technologies
  • Rapid further development through problem-free extension and testing of individual services
  • Extremely efficient data exchange between services through communication via gRPC

Frontend

Web-based application

  • Based on React, which is also used by many other major technology companies
  • Does not need to be installed on clients; only requires current browser version of Chrome, Firefox or Safari
  • Highly customizable to meet specific needs and optimized for highly efficient hospital workflows
  • Intuitive to use for Windows, iOS, and Android users through the use of modern user concepts

Interconnectedness

  • State-of-the-art data exchange protocols (frontend GraphQL, backend gRPC)
  • Finely defined APIs, automatically validated via schemas (hence only correct requests)
  • External systems can be connected via granular service interfaces directly or via FHIR standard interfaces
  • Message communication via matrix protocol (e.g. Bundeswehr standard)
  • Communication with electronic patient record (ePA) & in future directly to patients

Availability and stability

  • Very high availability and stability due to proven technologies
  • Highly efficient and dynamic scaling of system based on microservices infrastructure
  • Fast response to hardware failures through streaming replication (downtime reliability with RPO close to 0)
  • Direct switchover to backup servers in the event of a server failure guarantees high availability even in critical situations

Cyber Security

  • Data flow encrypted with at least TLS 1.2 and usually TLS 1.3, using certificate pinning at the endpoints
  • Role-based access model for authentication allows users to log in with both hospital identifiers and, in the future, new digital physician ID cards
  • User access controlled by JWT token authorization and authentication; stores only salted password hashes created using Argon2
  • Avelios can be used flexibly both as an on-premise solution entirely within the hospital network infrastructure and as a cloud solution

Data protection

  • Basis formed by DSGVO regulations, which were integrated from the outset in the development of each service
  • Data autonomy of patients established as cornerstone
  • In the future, patients will be able to view managed data at any time and, if desired, have it deleted
  • Conveniently controllable from patient’s mobile device via patient portal while complying with the statutory storage periods