Ostendio Protects Against Health Data Breaches
After working at a health IT company, Ostendio CEO Grant Elliott knew that health care vendors needed to follow and comply with all the rules and regulations designed to keep health data safe. His simple solution? A cloud-based software called MyVirtualComplianceManager.
The product, known as MyVCM, distributes responsibility for knowing rules and regulations throughout a health company, where often just one person is responsible for managing compliance. MyVCM users undergo training, and the program scores the companies based on their abilities to meet certain compliance benchmarks.
“Because we’re able to measure performance on an individual level, it really makes it much easier to gauge performance at the corporate level as well because we aggregate that information,” says Elliott. “[Individual users] only know how they’re doing, but they also know how they’re doing in comparison to the organization.”
Ostendio’s approach of delegating compliance responsibility across a company is key to helping prevent breaches.
“These breaches are happening because of people. Our platform really addresses the fundamental people issue. You can have all the right tools, but if you don’t have the right training, tools and policy, these issues are going to continue. The differentiation between us and the competition [is that] this is not just about us checking a box for compliance against a regulation,” says Jean Foster, the chief marketing officer for Ostendio. “We’re trying to help really build [compliance] into the core of the business, the culture, the DNA.”
As more and more medical data is stored in the cloud, the risk of it being leaked becomes even higher. Health data breaches are especially troubling since most of that data is extremely sensitive and private. Small and large companies alike are at risk. In early 2015, hackers stole confidential account information from as many as 80 million Anthem customers.
Startups like Ostendio are working to solve a security problem that many health care companies are fighting hard to prevent. Despite the fierce competition in a fast-growing niche area, Ostendio continues to thrive.
“The biggest challenge for us is to find new ways or novel ways to just simply get the audience. Once we get the audience, we know what we do from there,” Elliott says. “When we can get in touch with the right people, the proposition really, really resonates.”
“Our ratio of demonstrations to conversations is probably the highest I’ve ever seen in my career,” says Foster.
Pete Celano, the director of consumer health initiatives at MedStar, is a convert. Celano vetted plenty of companies when MedStar — the largest nonprofit hospital system in the Maryland and Washington, D.C. area — was searching for a way to assess the security and compliance of outside vendors, and Ostendio was the best option.
Celano praises Ostendio for its focus on the medical field and user-friendly product.
“Ostendio is kind of Amazon-esque. It’s very simple. Very straightforward,” says Celano. “That makes all the difference, because if you buy something, and the users don’t adopt it, you’ve got nothing.”
Using Ostendio has slashed the time MedStar needs to assess vendors from six months to mere weeks. The shortened evaluation period is crucial to a big health company like MedStar.
“Big systems have every chance to transform themselves in great new ways but only if you can vet these vendors up front and continually, and we have a platform for that,” Celano says. “There’s a risk these hackers might come to health care, and we want to be ever more careful with the vendor we pick. Ostendio is the right offering for the right time.”
Ostendio’s relationship with MedStar started at a 1776 event. While MedStar is one of Ostendio’s largest clients now, the startup’s early stages were far more humble.
“A little more than two years ago, I walked into 1776 with nothing more than an idea,” says Elliott, who founded Ostendio in August 2013.
Even though he had worked for small companies, Elliott didn’t know what went into building a business from the ground up, but that quickly changed. He attended 1776’s educational sessions ranging from “How to Get Funding” to “Managing Taxes” and networked with other entrepreneurs there.
“Being able to talk to other people going through the same [startup] challenges was incredibly helpful,” says Elliott. He half-joked that Ostendio should serve as a poster child for 1776.
“How do you take an idea from concept and just grow it to a successful organization?” says Elliott. “Clearly, we still have a long way to go because we’re still very young, but I think we’re kind of living that 1776 ideal.”