ISO accreditation for Wellola
What was delivered
Robust and efficient product management and development processes to enable the achievement of the ISO 27001 accreditation
Partnered with Deloitte DNM to implement standards, policies and procedures within Wellola and migrated their platform to a managed AWS Deloitte environment
Implemented Agile development methodologies with Continuous Integration / Deployment capability with security protocols and processes to ensure safe management of health information
Integration of a secure Web Real Time Communications (WebRTC) video consultation platform
Security Review including Penetration Tests
When: Started 2020
Services: CTO as a Service
As COVID-19 arrived in Europe, interest rose in Wellola's telehealth solutions. Small clinics, hospitals and enterprise institutions across the continent were keen to adopt their patient communication technology.
In order to do so they required proof of Wellola's operational sophistication and the maturity of their internal security and data processing capabilities.
To help achieve ISO 27001 accreditation, we worked with Wellola to adopt best practices in the management and processing of Protected Health Information (PHI).
Scaling the business and standards
Having experienced steady growth since inception, Wellola found itself facing a number of challenges as the COVID pandemic hit. Its 50,000 plus counselling and psychotherapy practitioners and organisations needed help to raise standards, promote public safety and continue to provide care.
Speed up delivery
Wellola needed to speed up the delivery of feature and custom enhancements to customers through automation of the development, QA and deployment processes.
Security and standards
Increased security standards required implementation of rigorous security review checkpoints, code reviews, coding standards and management policies.
Enterprise clients across Europe required white-labelled platform deployments using a robust configuration management framework.
Ability to scale
To enable the systems to scale and perform Wellola needed to embed best practice software development and architectural approaches.
From induction to action
Threadable's CTO service requires an in-depth induction even if done within a short timeframe. We quickly got to grips with Wellola's business and commercial model, constraints, sales pipeline and delivery commitments.
A backlog becomes a programme
We immediately implemented a review of all backlogged feature and change requests. This was done in parallel with a revised product management process.
This work gave us a solid, widely shared and understood prioritised programme of activities. This programme could;
- be blended with the ISO 27001 audit timelines
- deal with the body of onboarding feature work to complete within 3 months
- adapt to unplanned work activities as they arose
- provide a foundation for the next generation of Wellola products in development
Continuous Integration and Deployment
We implemented a continuous integration and deployment process. This started from the developers environments to a QA environment, and finally to User Acceptance Environments for each platform tenant.
This was further automated through engagement with Deloitte. This ensured the ability to automatically deploy (continuously if desired) to the live environments for each tenant.
- ISO 27001 accreditation
- Automation of multi-brand continuous integration and deployment processes to manage customer environments
- Introduction of metadata driven brand application to enable adoption of the Wellola solution by international organisations such as the HSE, BACP and Fisiolink Italy
- A robust and responsive delivery pipeline of features and a backlog that accurately represents the future roadmap for Wellola as they scale to new markets
91% Reduction in build time from 6 hours to 30 minutes for 18 multi-branded environments
75% Reduction in backlogged features within 8 weeks and 85% in 12 weeks
x2 Doubled team velocity over the first 12 weeks using agile processes