The SMB Compliance Stack that Helps MSPs Take On Health Care

There's a growth market in health care for MSPs that provide compliance and data-protection solutions.

April 17, 2019

5 Min Read
Doctor with Tablet

By Angus Robertson


Angus Robertson

By Angus Robertson, CMO, Axcient

Looking for a growth market? Did you know that the global health care technology space has a CAGR of nearly 16 percent? This market is set to reach $280 billion by 2021.

Health care tech is just a part of the overall health care market. Deloitte predicts the global health care market will grow 5.4% per year to reach $10 trillion by 2022. Exponential technologies – those that double in capability or performance, perhaps halve in cost, such as artificial intelligence, augmented and virtual reality, data science, medicine, nanotech, networks and computing systems or robotics — are listed as a top financial disruptor in the space, and health care providers are turning to managed service providers (MSPs) for compliance and data-protection solutions.

So what does it take to enter into the health care industry, and who sets the standards? The Health Insurance Portability and Accountability Act (HIPAA) developed by Congress in 1996 protects patient data, and businesses who work with protected health information must have security measures in place to ensure HIPAA compliance.

4 Ways MSPs Can Fill the Gap

Here are four ways MSPs can start filling this gap:

  1. Overcome your HIPAA compliance fears. Health care can be complex. It’s possible that your company tried to offer a compliance solution in the past but stopped due to perceived risks. The market has seen dynamic improvement in the past 5 years.

While many MSPs still aren’t selling a compliance solution, those who are offering HIPAA-compliant solutions are realizing significant year-over-year growth. Don’t miss out on this high-growth opportunity

2. Study IT channel companies succeeding in the health care compliance space. Two examples are:

  • Compliancy Group: Thousands of customers, zero in HIPAA fees. The company helps MSPs deliver HIPAA-compliant technology solutions to health care providers. Partnering with leading vendors to layer in business availability, disaster recovery and security will enable MSPs to gain more margin.

  • Carlin Bradley LLC: It gained 20 new clients in 6 months. MSPs and MSSPs that have a powerful UCaaS-based compliance solution can resell it as a Compliance-as-a-Solution offering, giving MSPs the tools to break into health care and make lasting managed service relationships, year after year, the company says.

3. Get to know the health care market pain points. Here are some quick facts to get you started:

  1. 26 percent of the U.S. economy is health care-related.

  2. There are 5 million health care SMBs in the United States.

  3. HIPAA compliance enforcement has increased 400 percent in recent years.

  4. There’s a 70 percent audit failure rate for HIPAA compliance.

  5. The average HIPAA compliance fine is $1.5 million.

  6. Some 88% of health care is affected by ransomware:

  1.  76% failed security in 2018 (lost devices, malware, phishing attacks and personnel disabling security features)

    •  26% from IT staff not following policy.

  1. Fifty-three percent of MSPs serve SMBs in the health care vertical, but less than a third sell a compliance solution.

  2. MSPs in the health care space in 2018 have an average recurring revenue of $3.6 million.

4. Refine your sales pitch by defining the HIPAA tech stack. With a HIPAA compliance stack, MSPs help their health care clients avoid fines and grow through increased patient trust (new clients) and loyalty (recurring revenue). Case in point, a HIPAA Seal of Compliance can increase patient conversion. Verification of the seal is a cost-effective alternative to security certification standards like HITRUST.

Get to Know the Rules

So who has oversight over HIPAA compliance, enforces the law and monitors activities? The U.S. Department of Health and Human Services (HHS) established the HIPAA Privacy Rule and the Security Rule or Standards, a national set of security standards for protecting specific health information that is held or transferred in electronic form. Within HHS, the Office for Civil Rights (OCR) is responsible for enforcing the Privacy and Security Rules with voluntary compliance activities and civil money penalties.

Before going to market, familiarize yourself with …

… privacy, security, and omnibus rules, as well as associated security (SRA) and privacy audits. The 7 Elements of an Effective Compliancy Program (HHS) is a good place to start.

To meet these compliance program requirements, MSPs need to offer customers auditing, incident management, policies and training, as well as document-management capabilities, which should include monitoring, encryption, backup and secure messaging.

The complete HIPAA tech stack should look like this: BDR, Secure File Sync & Share, Email Archiving, Email SPAM, End Point Security, Managed Print, and NIST/PCI compliance.

MSPs interested in capitalizing on the $280 billion health care technology growth opportunity should aim to deliver complete HIPAA compliance solutions, similar to the one listed above.

Partnership is key when entering the HIPAA compliance space to deliver health care compliance solutions. Find a trusted vendor that has seen success in the SMB health care compliance space and will help you deliver the level of accuracy and consistency health care facilities require.

Angus Robertson is responsible for product, revenue and digital marketing as CMO at Axcient, which provides business continuity solutions serving MSPs who, in turn, support SMBs. Angus has more than 20 years’ experience in marketing and technology and he is passionate about how technology can be applied to solve business problems. In his free time, you can find Angus tearing up a squash court or perusing his @angusr1 Twitter feed for industry updates. You can follow @Axcient on Twitter.

Read more about:

Free Newsletters for the Channel
Register for Your Free Newsletter Now

You May Also Like