Case Study January 23, 2019

Mediprocity accelerates business performance with hosting and HIPAA compliance support

Mediprocity’s founders had a great idea for a SaaS app, but to make it work, they needed a hosting partner who understood their business and regulatory compliance.
Selection Criteria
• HIPAA compliance expertise
• Knowledgeable
• Easy to work with
Linux, VMWare
After researching more than 20 hosting providers and a two-month pilot project, Mediprocity chose Connectria as their hosting partner.

Mediprocity provides affordable, easy-to-use encrypted communications tools for healthcare providers who must safeguard patient information. Their solutions secure communications across a variety of mobile devices in accordance with HIPAA/HITECH regulations. When Mediprocity decided to host their Software as a Service platform, they sought out an experienced and knowledgeable HIPAA/HITECH compliant hosting provider. Mediprocity chose Connectria.

The Challenge
Mediprocity recognized the emergence and impact the smartphone was having upon all communications. These devices were blurring the lines between personal and professional communications and the healthcare industry was no exception. As doctors and other healthcare workers began to use smartphones as a means for communicating patient information, Mediprocity saw the need to secure the information. According to Mediprocity CEO Rothert, “looking down the road we were thinking a handheld device is going to be a doctor’s moving office. When they’re moving from their hospital to their office to their home and to their lab, it will travel with them. That meant certain communications would be subject to HIPAA rules, and we could encrypt this data in accordance with those regulations.”

Mediprocity introduced its first product, Secure Messaging, and continued to enhance their solution over the years to include Secure Forms and Attachments across any device, including
desktop and mobile. Whether communicating patient information via email or text, Mediprocity securely encrypts protected health information (PHI). Mediprocity’s goal is to enable physicians or prescribers access to its application with its primary target the community based healthcare worker (e.g. nursing homes, hospice, home health, pharmacies, labs, etc.). Essentially anyone outside the hospital system looking to secure protected health information under HIPAA/HITECH guidelines can take advantage of Mediprocity’s solution—and it won’t cost “an arm and a leg.” Mediprocity offers a tiered, user-based pricing model built on a Software as a Service (SaaS) platform.
When it came time to decide whether to manage the supporting IT infrastructure on their own versus outsourcing, Mediprocity chose a hosted solution. “We didn’t want to manage it,” noted Rothert. “We don’t have the time and there are too many parts to managing a HIPAA compliant environment. We want to focus on providing the best HIPAA compliant applications, not managing servers.”
Mediprocity initially chose a west coast-based hosting provider and developer, however, they did not meet expectations. Having been HIPAA/HITECH experts in their own right, Mediprocity found themselves, as non-technical people, telling their hosting provider what to do. Mediprocity enlisted the aid of a new developer, who quickly gained their confidence and trust. The new developer recommended that they replace their current hosting provider with Connectria, a vendor with a long track record of HIPAA compliant hosting.
The Solution
Upon the recommendation of their new developer, Mediprocity agreed to a two-month “proof of concept” with Connectria. Though their brief engagement with Connectria was a very positive one, Mediprocity wanted to make sure they would choose the right hosting provider for the long-term.
In addition to Connectria, Mediprocity evaluated 20 other hosting companies. What they found is that many other companies claim they provide HIPAA compliant hosting but cannot back up their claims or make things confusing.

Mediprocity’s search reinforced that Connectria was the right choice for them. Rothert further observed, “It was nice to sit down with a HIPAA/HITECH compliant hosting company that spoke our language and understood our needs. Connectria made everything easy and we recognized how far ahead they are in the HIPAA compliant market.”
The Results
Mediprocity knew the risk of not choosing the right hosting provider. As a HIPAA/HITECH solution, they wanted a hosting company with the requisite knowledge and experience. Any compromise of patient information could result in a minimum fine of $50,000 up to $1.5M per incident. Rothert understandably pointed out, “You don’t take something like that lightly. You don’t partner with a hosting company and expect them to take care of everything. We have a security audit engineer periodically come in and put Connectria engineers through the ringer. We all work together and make sure we’re doing things correctly. If there is an audit from the federal government, we’d feel confident. We don’t view Connectria as merely a hosting company….they’re our partner.”

Related Resources

Protect Your Clients, Their Customers, AND Yourself with Regulation Compliant Hosting
For many businesses, compliance is an essential component of what you do and how you protect your customers. Whether you’re in the healthcare sector, financial…
Who Does HIPAA Protect? And What Does This Mean for Your IT Team?
Many experts are eager to point out the what and the how of HIPAA compliance: What protected health information (PHI) is included, how it needs…
Small Businesses & PCI – What You Need to Know
Running a business in today’s digital-laden and data-driven world requires compliance with various federal regulations. Depending on the industry and the type of data that…