OpenNovations is an independent ICT consultancy firm with a specific focus on security / privacy related technical and compliance issues, working on the cross-over domain between “business” and ICT. Our primary area of business is in tightly regulated domains such as healthcare, medical and pharmaceutical organizations.

Collaborative development principles

  • Existing Aranei platform instead of development from scratch
  • Participation in established and capable development entity
  • Partnered development allows for a scalable development team
  • Preventive maintenance, joint features, etc 


  • Software development
    • Experienced in various development platforms and programming languages like PHP, NodeJS/JavaScript,  Java, C/C++, C#
  • Implementing orchestration tools
    • Ansible, Salt
  • Code repositories, Continuous integration / delivery
    • GitLab, Jenkins, Build services, Docker containers
  • Automated infrastructure management
    • Cloud orchestration, network management
  • Integration with ticketing systems
    • Immediately respond on alerts

open source, security, privacy, development, validation, architecture, infrastructure

Devops Services

  • Infrastructure deployment and maintenance
  • Networking, virtual servers, VPN connectivity, certificate management, etc
  • Maintenance, optimizations and data loss prevention
  • Preventive and corrective updates on server OS/applications
  • Performance analysis and optimization
  • Backups, archiving, restore/retrieval tests
  • Security measures
  • Monitoring, pentesting, security patching
  • Following crucial components CVE (vulnerability) listings
  • Validation / verification quality management / support
  • Provide installation logs, perform (semi) automated tests 


  • Compliance consultancy support
  • Active participation in ISPE, DARQA, RQA, ETSI, ENISA, etc
  • Medical device, Privacy, Cybersecurity
  • To maintain regulatory compliance alignment periodic rules / regulations checks are performed
  • Change in rules / regulations may lead to requirement to change Client/Partner URS
  • Ad-hoc / structural product/service support
  • Incident support
  • Depends on responsibility of deployment environments
  • Infrastructure / hosting / network support
  • Structural 2nd line project support
  • IT support (with end-client)
  • Security testing, compliance assessment reports, etc
  • Service levels
  • Response times and time windows for support
  • Availability (time zones) planneable