Healthcare Startups, HIPAA Compliance, and Texas Hold ‘Em

Your healthcare startup has just secured its second or third round of funding as you prepare to move your apps out of beta testing and into the marketplace. It’s a heady time; your team is filled with anticipation over the impact your solutions could potentially have on the lives of millions. That is, if you last long enough to overcome all the pitfalls and obstacles that startups are subject to. You need to keep one eye on your burn rate and make sure that you’re prioritizing every dollar spent.

One burden that everyone agrees is necessary but a real headache to deal with is establishing Health Insurance Portability and Accountability Act (HIPAA) compliance. If you’re providing your software as a service (SaaS) that’s exposed to protected health information (PHI), then your company is a covered entity that will have to demonstrate HIPAA compliance; no way around it. This will require a commitment of financial and personnel resources for your data environment that would otherwise be allocated to growing revenue. So what does all this have to do with an internationally popular version of poker, you might ask? Let me explain.

Leveraging HIPAA Compliance to Generate an ROI

When playing Texas Hold ‘Em, invariably there are rounds where all players are dealt a mediocre hand and the cards on the table look pretty miserable as well. The instinct for the opening player is often to make a small bet, with the other players then matching that bet hoping that their hands will improve when the next card is dealt. In a situation like this, the first player who is willing to make a large bet will often win the pot by scaring off the others, even without owning the best hand.

Many healthcare startups will view having to reach HIPAA compliance as a “bad hand.” To achieve HIPAA compliance for your data environment, there is a choice of strategies a startup can pursue. You could make a minimum commitment (a small bet), achieve a bare-bones level of compliance and hope for the best: wait until your business grows and worry about becoming fully compliant later.

Guaranteed HIPAA Compliance: The Ace up Your Sleeve

On the other hand, you could leverage HIPAA compliance for an ROI (a big bet) and win this round against your competitors. If you believe in your company and your solutions, then you know that at some point your startup will be offered a large and lucrative opportunity. It will come with a requirement up front, however: demonstrate full HIPAA compliance and be willing to sign a Business Associates Agreement (BAA). Landing this account will take your company to the next level. Your competition will be approached as well. Will you be prepared for this opportunity?

While some hosting providers can offer you a compliant datacenter, few provide all the IT controls you need to demonstrate HIPAA compliance. Rarer still is one that will guarantee compliance in writing.

The startup game is a high-stakes enterprise to begin with. Investing in what appears to be a revenue-negative situation like HIPAA compliance and flipping it into a revenue-positive opportunity is just the kind of calculated bet that will separate your company from the competition and elevate it to the level of a world-class solutions provider.

About the Author: As a Business Development Manager for Layered Tech, Shank Mazumder contributes to sales growth by generating alliances, leads and strategic opportunities in emerging markets. Prior to joining Layered Tech, Shank worked as an independent agent representing different vendors in the IT marketplace. He has successfully represented software and telecom providers in the past, such as Splunk and Qwest Communications.
