This is what I'm most curious about. The technical/security side is only 1/3 of HIPAA, how do you turnkey the remainder? How do you scale/automate preforming repeat RAs, etc, across different clients?
We are constantly improving how much we automate, but the major goal is to make sure that if manual work needs to be done, Aptible is doing it, not our customers.
Preparing training materials is a good example. Each of our customers get three types of training: basic HIPAA privacy and security training for everyone; developer training, specific to their stack; and security officer training. We customize that training. We may modularize it later, but only if we can maintain the quality and experience.
We spend as much time with each customer as they want, but we don't bill for support and we don't bill for consulting. At first it seems higher-priced than some options, but there are no hidden costs.
Preparing training materials is a good example. Each of our customers get three types of training: basic HIPAA privacy and security training for everyone; developer training, specific to their stack; and security officer training. We customize that training. We may modularize it later, but only if we can maintain the quality and experience.
We spend as much time with each customer as they want, but we don't bill for support and we don't bill for consulting. At first it seems higher-priced than some options, but there are no hidden costs.