Healthtech | Cloud | DevOps

Rescued an over-provisioned multi-account AWS estate

Landed a Well-Architected remediation across 14 accounts. Tagged everything, killed waste, set FinOps guardrails — and kept HIPAA happy.

  • Annual savings: $1.4M
  • Accounts hardened: 14
  • Compliance gaps: 0

Project overview

A US-based healthtech had grown into a sprawling 14-account AWS estate with no consistent tagging, ballooning costs and HIPAA exposure across the organisation.

Challenges

  • No consistent tagging or ownership across accounts
  • Significant idle and over-provisioned capacity
  • Inconsistent baseline controls created HIPAA risk

Our approach

We ran an AWS Well-Architected remediation in parallel with a FinOps cleanup, then locked in guardrails so waste couldn't creep back.

Visibility & tagging

  • Enforced a tagging taxonomy via SCPs and AWS Config rules
  • Built ownership and cost dashboards in Cost Explorer and QuickSight

Right-sizing & guardrails

  • Right-sized EC2, RDS and EKS workloads with usage-based recommendations
  • Adopted Karpenter and Spot for the bulk of compute
  • Set AWS Budgets, anomaly detection and weekly FinOps reviews

HIPAA hardening

  • Closed gaps surfaced by Security Hub and Config conformance packs
  • Centralized logs and audit trails in a dedicated security account

Outcomes

  • $1.4M annualized cost savings
  • All 14 accounts hardened to a common baseline
  • Zero HIPAA compliance gaps remaining at handover
