On Halloween, Intronis told MSPs there is no need to fear HIPAA. In fact, those that master the ins and outs can sell more effectively to healthcare and related firms.
But just selling to these companies without fully understanding HIPAA is fraught with peril.
This writer was fortunate enough to moderate the webinar, “HIPAA. It Doesn’t Have To Be Scary,” and the archive can be viewed here.
On the Intronis side was co-founder and current channel chief Neal Bradbury, who invited along C.J. Ezell, founder of a-safe, an MSP specializing in healthcare.
HIPAA has a carrot and a stick. The carrot is HIPAA services can be sold at a premium, and let MSPs branch into new markets.
The stick is HIPAA standards are violated. Here both the customer and the MSP can be liable.
Bradbury had a raft of examples, from small to relatively huge. Starting on the small side, a hospice in Idaho had a laptop stolen. The HIPAA fine was a cool 50 grand. In Phoenix a small medical practice used unsecure email to transmit patient information, and ended up shelling out 100 grand for its mistake.
Those are the cheap ones. In Alaska the state health department lost one of its backup drives. That one cost $1.7 million. And a Boston doctor’s stolen laptop cost $1.5 million. That’s just one computer.
MSP Liability
Under the HIPAA Omnibus Rule, service providers such as MSPs, as “Business Associates”, can be liable for HIPAA violations.
But that needn’t scare off MSPs. The trick is to master HIPAA just as C.J. Ezell did.
A recent Intronis blog offers some advice. “MSPs and healthcare organizations need to work together to instill a long-term understanding of what it means to practice safe data usage in order to avoid fines and loss of industry standing,” the blog said.
Ulistic, an MSP consultancy, is advising healthcare outfits to make sure their MSPs do HIPPAA right, that that MSPs hoping to serve this market make themselves compliant. “Is your managed services business adhering to the standards for HIPAA compliance?” Ulistic asks, and answers, “If not, you need to be.”
MSP Mastery
HIPAA mastery can let an MSP sell to bigger and bigger clients. “In general, the larger the healthcare organization, the more complex the solution requirements become. As solution providers migrate up the healthcare stack to large hospitals and university medical facilities, they discover the need for more specialized — and more lucrative — technology services such as laboratory bar-code printing and scanning applications, patient admissions, labeling and tracking systems, pharmacy management and POS technologies,” Bradbury explained.
Some of the things a HIPAA master can offer, Bradbury said, include:
-
Market your HIPAA-compliant products and services
-
Consult clients with HIPAA risk analysis
-
Offer outsourced HIPAA compliance services
-
Offer End-User awareness and training
The healthcare IT market is too big to ignore, despite the rigors of HIPAA. Last year total spend was $40 billion the U.S., and it’s growing 23 percent a year.
When it comes to HIPAA, storage is one of the biggest issues, this because many of the rules surround the privacy and security of patient data.
And that is where Intronis, a backup vendor, comes in. And for MSPs, it is handy to know that Intronis sells only through its network of 2,000 partners.
For detailed advice pop over to the Intronis
HIPAA resource center.
Edited by
Alisen Downey
