Challenge

Mediprocity’s founders had a great idea for a SaaS app, but to make it work, they needed a hosting partner who understood their business and regulatory compliance.

Selection Criteria

• HIPAA compliance expertise
• Knowledgeable
• Easy to work with

Platforms

Linux, VMWare

Results

After researching more than 20 hosting providers and a two-month pilot project, Mediprocity chose Connectria as their hosting partner.

Mediprocity provides affordable, easy-to-use encrypted communications tools for healthcare providers who must safeguard patient information. Their solutions secure communications across a variety of mobile devices in accordance with HIPAA/HITECH regulations. When Mediprocity decided to host their Software as a Service platform, they sought out an experienced and knowledgeable HIPAA/HITECH compliant hosting provider. Mediprocity chose Connectria.

The Challenge

Mediprocity recognized the emergence and impact the smartphone was having upon all communications. These devices were blurring the lines between personal and professional communications and the healthcare industry was no exception. As doctors and other healthcare workers began to use smartphones as a means for communicating patient information, Mediprocity saw the need to secure the information. According to Mediprocity CEO Rothert, “looking down the road we were thinking a handheld device is going to be a doctor’s moving office. When they’re moving from their hospital to their office to their home and to their lab, it will travel with them. That meant certain communications would be subject to HIPAA rules, and we could encrypt this data in accordance with those regulations.”

Mediprocity introduced its first product, Secure Messaging, and continued to enhance its solution over the years to include Secure Forms and Attachments across any device, including desktop and mobile. Whether communicating patient information via email or text, Mediprocity securely encrypts protected health information (PHI). Mediprocity’s goal is to enable physicians or prescribers access to its application with its primary target the community-based healthcare worker (e.g. nursing homes, hospice, home health, pharmacies, labs, etc.). Essentially anyone outside the hospital system looking to secure protected health information under HIPAA/HITECH guidelines can take advantage of Mediprocity’s solution—and it won’t cost “an arm and a leg.” Mediprocity offers a tiered, user-based pricing model built on a Software as a Service (SaaS) platform.

When it came time to decide whether to manage the supporting IT infrastructure on their own versus outsourcing, Mediprocity chose a hosted solution. “We didn’t want to manage it,” noted Rothert. “We don’t have the time and there are too many parts to managing a HIPAA compliant environment. We want to focus on providing the best HIPAA compliant applications, not managing servers.”

Mediprocity initially chose a west coast-based hosting provider and developer, however, they did not meet expectations. Having been HIPAA/HITECH experts in their own right, Mediprocity found themselves, as non-technical people, telling their hosting provider what to do. Mediprocity enlisted the aid of a new developer, who quickly gained their confidence and trust. The new developer recommended that they replace their current hosting provider with Connectria, a vendor with a long track record of HIPAA compliant hosting.

The Solution

Upon the recommendation of their new developer, Mediprocity agreed to a two-month “proof of concept” with Connectria. Though their brief engagement with Connectria was a very positive one, Mediprocity wanted to make sure they would choose the right hosting provider for the long-term.
In addition to Connectria, Mediprocity evaluated 20 other hosting companies. What they found is that many other companies claim they provide HIPAA compliant hosting but cannot back up their claims or make things confusing.

Mediprocity’s search reinforced that Connectria was the right choice for them. Rothert further observed, “It was nice to sit down with a HIPAA/HITECH compliant hosting company that spoke our language and understood our needs. Connectria made everything easy and we recognized how far ahead they are in the HIPAA compliant market.”

The Results

Mediprocity knew the risk of not choosing the right hosting provider. As a HIPAA/HITECH solution, they wanted a hosting company with the requisite knowledge and experience. Any compromise of patient information could result in a minimum fine of $50,000 up to $1.5M per incident. Rothert understandably pointed out, “You don’t take something like that lightly. You don’t partner with a hosting company and expect them to take care of everything. We have a security audit engineer periodically come in and put Connectria engineers through the wringer. We all work together and make sure we’re doing things correctly. If there is an audit from the federal government, we’d feel confident. We don’t view Connectria as merely a hosting company….they’re our partner.”