The SMB Compliance Stack that Helps MSPs Take On Health Care
By Angus Robertson, CMO, Axcient
Looking for a growth market? Did you know that the global health care technology space has a CAGR of nearly 16 percent? This market is set to reach $280 billion by 2021.
Health care tech is just a part of the overall health care market. Deloitte predicts the global health care market will grow 5.4% per year to reach $10 trillion by 2022. Exponential technologies – those that double in capability or performance, perhaps halve in cost, such as artificial intelligence, augmented and virtual reality, data science, medicine, nanotech, networks and computing systems or robotics — are listed as a top financial disruptor in the space, and health care providers are turning to managed service providers (MSPs) for compliance and data-protection solutions.
So what does it take to enter into the health care industry, and who sets the standards? The Health Insurance Portability and Accountability Act (HIPAA) developed by Congress in 1996 protects patient data, and businesses who work with protected health information must have security measures in place to ensure HIPAA compliance.
4 Ways MSPs Can Fill the Gap
Here are four ways MSPs can start filling this gap:
- Overcome your HIPAA compliance fears. Health care can be complex. It’s possible that your company tried to offer a compliance solution in the past but stopped due to perceived risks. The market has seen dynamic improvement in the past 5 years.
While many MSPs still aren’t selling a compliance solution, those who are offering HIPAA-compliant solutions are realizing significant year-over-year growth. Don’t miss out on this high-growth opportunity
2. Study IT channel companies succeeding in the health care compliance space. Two examples are:
- Compliancy Group: Thousands of customers, zero in HIPAA fees. The company helps MSPs deliver HIPAA-compliant technology solutions to health care providers. Partnering with leading vendors to layer in business availability, disaster recovery and security will enable MSPs to gain more margin.
- Carlin Bradley LLC: It gained 20 new clients in 6 months. MSPs and MSSPs that have a powerful UCaaS-based compliance solution can resell it as a Compliance-as-a-Solution offering, giving MSPs the tools to break into health care and make lasting managed service relationships, year after year, the company says.
3. Get to know the health care market pain points. Here are some quick facts to get you started:
- 26 percent of the U.S. economy is health care-related.
- There are 5 million health care SMBs in the United States.
- HIPAA compliance enforcement has increased 400 percent in recent years.
- There’s a 70 percent audit failure rate for HIPAA compliance.
- The average HIPAA compliance fine is $1.5 million.
- Some 88% of health care is affected by ransomware:
- 76% failed security in 2018 (lost devices, malware, phishing attacks and personnel disabling security features)
- 26% from IT staff not following policy.
- Fifty-three percent of MSPs serve SMBs in the health care vertical, but less than a third sell a compliance solution.
- MSPs in the health care space in 2018 have an average recurring revenue of $3.6 million.
4. Refine your sales pitch by defining the HIPAA tech stack. With a HIPAA compliance stack, MSPs help their health care clients avoid fines and grow through increased patient trust (new clients) and loyalty (recurring revenue). Case in point, a HIPAA Seal of Compliance can increase patient conversion. Verification of the seal is a cost-effective alternative to security certification standards like HITRUST.
Get to Know the Rules
So who has oversight over HIPAA compliance, enforces the law and monitors activities? The U.S. Department of Health and Human Services (HHS) established the HIPAA Privacy Rule and the Security Rule or Standards, a national set of security standards for protecting specific health information that is held or transferred in electronic form. Within HHS, the Office for Civil Rights (OCR) is responsible for enforcing the Privacy and Security Rules with voluntary compliance activities and civil money penalties.
Before going to market, familiarize yourself with …