Our CTO Frank recently spoke at NYC.rb, to give Ruby devs an introduction to Docker, simplifying service-oriented architecture, wrapping databases in a uniform API, and achieving the Holy Grail of dev/prod parity.
If you find this interesting, join us!
We’re proud to announce our role in the world’s first population health study focused on gay and transgender men and women.
Spearheaded by researchers at the University of California - San Francisco, the LGBTQ-focused study is called PRIDE. Researchers’ ultimate goal is to build the largest LGBTQ health database in history so that medical professionals have the proper tools to address the physical, mental and social issues exclusive to gender and sexual minorities. For example, 33% of the LGBTQ community are smokers, a rate far higher than the national average. While scientists speculate this statistic means that more of these community members die from cancer and other smoking-related diseases, there is no official data to back these theories. Needing a way to gather loads of sensitive information quickly and efficiently, PRIDE leaders reached out to the tech world, and we of course responded with innovation.
The first contribution to the UCSF study was ThreadResearch’s iOS app, aptly named PRIDE. Employing the newly-released Apple ResearchKit, the app collects public health data using iPhones. Prompted to answer questions about their health history and concerns, LGBTQ participants will inform the longer-term PRIDE study, which kicks off in January of 2016.
To ensure this private information remains secure, we’re powering a streamlined HIPAA- and IRB-compliant platform behind the scenes of PRIDE. Our CEO, Chas Ballew, says, “The UCSF PRIDE study is a great example of the changing face of health tech. Smart phones and cloud-based data collection are just now becoming viable solutions in the tightly regulated health-data world. We’re excited to be pioneers in this fast-growing technology.” Confident that their private information is protected under our prudent watch, researchers and study participants alike can now move forward into realms of medical advances that have never before been explored. And hopefully the fresh strategies developed by physicians will make a dent if not eradicate issues that have long plagued this misunderstood field of medicine.
Read more about the PRIDE study at http://www.pridestudy.org/
This week we teamed up with AWS and TelePharm to talk about architecting for HIPAA compliance in the cloud:
More questions from the audience:
Does data that is stored long-term in RAM (in Redis, for example) need to be encrypted, or does it only need to be encrypted when persisted to disk? Does HIPAA require that data within a VPC be encrypted? Is data considered encrypted at rest on EBS if the instance is still running?
HIPAA has no specific mandatory requirement that data be encrypted, but regulated entities must take “reasonable and appropriate” measures to safeguard PHI. Whether data is encrypted at the point of breach depends on how a potential breach occurs. It may be more helpful to take a risk-based approach, breaking potential threats into categories and asking: How likely is an attack to be attempted? How likely is it to succeed? What impact to PHI would result?
The Aptible compliance platform helps customers analyze risk using SP 800-30 Revision 1, a federal methodology developed by NIST in collaboration with the Department of Defense and the Office of the Director of National Intelligence.
How do Aptible databases work?
Databases are built from standardized images and run in private subnets, inaccessible from the outside Internet. We attach encrypted storage volumes and make nightly encrypted backups.
What AWS regions is Aptible available in?
Currently any region except GovCloud and China (Beijing).
If a deployment needs to be available in Europe as well as in the US, who is responsible for where the data is stored and how PHI data flows across regions?
Aptible customers define environments for apps and databases. Those environments run in discrete geographic AWS regions that you specify. Communication across regions is routed over the Internet. You can easily and clearly control the countries and legal jurisdictions where your data is stored and moves through.
How does Aptible manage data encryption on/through ELB?
We only pass encrypted data through load balancers. SSL/TLS is terminated on the EC2 instance. (See the webinar, around 24:47.)
I work for a national MSP. I’m a certified AWS Cloud Solution Architect. I have a customer in the healthcare vertical that would benefit from moving certain workloads to AWS. Is Aptible willing to partner?
Yes, we frequently work with technical partners. Please contact us.
Will Aptible and AWS sign Business Associate Agreements?
Frank spoke at CoreOS Fest today, about how Aptible uses containers to address security and compliance objectives. [UPDATE: Check out the video below, and visit the CoreOS Fest website to see some of the other topics and speakers.]
If you find this interesting, join us!
Frank spoke at AWS re:Invent last week, in a session about architecting for HIPAA compliance. The entire panel is worth watching.
Having just come through Y Combinator, we frequently get asked whether it was worth it. The answer is absolutely yes, no hesitation. While the experience is still fresh, I want to encourage you to apply for the next cycle and give some advice for getting in.
You have a early-stage startup, or at least an idea for one. You know Y Combinator is fantastic: the network is legendary, the terms are fair, the other founders are incredible, and it provides an amazing lift for customer acquisition, fundraising, and recruiting.
The catch is that acceptance rates are brutal. Somewhere below 3% of applicants get an offer.
Should you skip this application cycle and apply later, when your company is more mature?
You should apply now, even if you don’t think you are ready.
There are two main reasons for this:
The application process itself is valuable.
Preparing the application requires you to think carefully about your idea, your company, your market, your team, and the obstacles in your way. Forcing yourself to reflect honestly is painful, but extremely beneficial. Seize the opportunity to do it now.
You have a better chance than you think.
The traits YC looks for in companies and founders are well-known and addressable. By “well-known,” I mean go read PG and Sam’s essays. By “addressable,” I mean you can improve your chances with focused work and practice. If your company doesn’t have the ideal characteristics, you can acquire the important ones. If you have the right ingredients, you can learn to convey that clearly and concisely.
That’s why you should apply now.
Here’s how to get in:
Step 0: Make something people want.
I’m kidding but not really.
“Make something people want” is YC’s motto. It’s also what they look for in companies. It’s not always sufficient, but it is necessary. If you do it, the rest can fall into place. If you don’t do it, you’re toast. Or Clinkle.
Others have written about how to find something to make that people want. I won’t get into that here, but I will add that most of the YC application process reduces to proving you’ve made something people want.
How do you prove it? Having paying customers is convincing. Having a lot of users is also convincing.
Showing that people want something similar to what you made or that you could make something people want are not convincing.
Sign contracts, take preorders, get LOIs, fill a waitlist, collect emails from customers saying how they can’t wait to pay you. Stop reading this and go do whatever you can to prove people want what you make. Now!
Step 1: Apply
Now, armed with proof that you make something people want, you are ready to apply.
Spend time thinking carefully about the questions. Don’t spend any time trying to game the application.
- Be honest with yourself. You know what your weaknesses are. Don’t shy away from them, but don’t waste too much time worrying if you can’t change them. For example, when we submitted our application, Aptible had no paying customers. We work in a regulated industry (healthcare) where getting security and stability right is critical, and we were confident that waiting was the right choice.
- Use every question to show that people want what you make. We made sure to explain what our waitlist looked like and how many customers had signed contracts to pay soon.
- One or two sentences is fine for most answers. Be clear and direct, then move on.
- Don’t overthink the video. Introduce yourselves, briefly explain what you’re working on, and spend the rest of your time explaining how you know people want what you make. Follow the instructions. Here’s our video.
Step 2: Interview
The application questions are a subset of the questions you may be asked at an interview.
Before our interview, Frank and I:
- Collected all of the known Y Combinator interview questions we could find
- Wrote out 1-2 sentence answers
- Agreed on which founder would lead on the answer, and
- Practiced with flash cards until we could answer every question fluently
Writing your answers out will help you formulate concise, consistent responses.
To test our fluency, we did mock interviews with each other, with our startup/tech friends, and with YC alums.
Mock interviews are the best way to practice. You will be shocked and disappointed by how incompetent you sound at first. Don’t worry, you’ll improve dramatically with repetition.
As one of our investors puts it, “You’re going to be telling people what you do eight times a day for the rest of the company’s life. Get good at it.”
Below are the questions we used to prepare. I don’t remember where we found each one, so apologies to the original sources. I’ve grouped them into categories by how important I think they are. The groups are my own and do not reflect YC’s views.
Remember: One or two sentences each. If you prepare longer answers, you’ll be flustered when the YC partners cut you off to ask another question. James Cunningham and Colin Hayhurst (GoScale, S12) built a fun app with a timer to help you practice concise answers.
These are the most important questions. They are all different ways of determining if you make something people want. You need to have a good answer, or an excellent reason for not having an answer. Many of these are in the application itself.
- What are you working on?
- Who would use your product?
- How do you know customers need what you’re making? How do you know people want this?
- How will you make money?
- How much money could you make per year?
- Why isn’t someone already doing this?
- Why will you succeed over others? What do you understand that others don’t?
- What have you learned so far from working on your product?
- How much does customer acquisition cost?
- How many users do you have?
- Where do new users come from? How do users find out about you?
- How are you meeting customers?
- What is your distribution strategy? How will you grow?
- What makes new users try you?
- Why do the reluctant users hold back?
- What is your growth like?
- What is your user growth rate?
- What’s the conversion rate?
- How many users are paying?
- Who is going to be your first paying customer?
- What resistance will users have to trying you and how will you overcome it?
- How are you understanding customer needs?
- What are the top things your users want?
- What has surprised you about user behavior?
- What’s new about what you make?
- What problems and hurdles are you anticipating? How will you overcome them?
- Six months from now, what’s going to be your biggest problem?
These questions concern narrative, team, and tactics. They are important, but only if you make something people want first.
- Why did you choose this idea? Why did you pick this idea to work on?
- Where is the rocket science here?
- How does your product work in more detail?
- What do you understand about your users? What domain expertise do you have?
- What are the key things about your field that outsiders don’t understand?
- What’s an impressive thing you have done?
- How did your team meet?
- Why did your team get together?
- Who in your team does what?
- Who would you hire or how would you add to your team? Who would be your next hire?
- What part of your project are you going to build first? What are you going to do next? What is the next step with the product evolution?
- If your startup succeeds, what additional areas might you be able to expand into?
- Who are your competitors?
- Who might become competitors?
- What competition do you fear most?
- What is your burn rate?
- How long can you go before funding?
- Have you raised funding?
These are questions that have a correct answer.
- What will you do if we don’t fund you? Keep working on this, because it’s a good idea that we can execute.
- Would you relocate to Silicon Valley during YC? Yes.
- Who is “the boss”? (Agree on one founder.)
If you get asked these in an interview, either you’re not doing well or you’re being tested. Try to preempt them with good answers to the more critical questions.
- How do we know your team will stick together? Will your team stick at this?
- What else have you created together?
- Are you open to changing your idea?
- Someone just showed us an idea like this right before you guys. I don’t like it. What else do you have?
Have answers, but don’t stress about these questions.
- What systems have you hacked?
- Tell us about a tough problem you solved?
- In what ways are you resourceful?
- What is something surprising you have done?
- What’s the funniest thing that has happened to you?
- What’s the worst thing that has happened? What’s the biggest mistake you have made?
Step 3: Start Now
Step 3 might be “Accept”, but if you interview, you should have already decided. You give up ~7% of the company for $120k in funding. YC will increase the value of your company by much more than 7%, without question. You will not get a better deal from fairer, more transparent partners anywhere.
You will only have about 100 days between getting accepted and Demo Day to make the most convincing case possible to investors. If you don’t get in, you have about 200 days to prove you can make something people want before you can apply again. Start now.
Good job on making it to the end! Feel free to ping me on Twitter or with the contact link above if you have questions. After interview invitations go out, I’ll volunteer a limited number of mock interview spots on Twitter.
You can find the Hacker News discussion for this post here.
Update - October 29, 2016: Formatting edits.
YES! Finally! The Aptible team and I are very happy to announce our public launch.
Frank and I started Aptible because we saw how difficult it was for technology companies to navigate the regulatory environment in healthcare. We believe that many of the most intractable problems in healthcare can be addressed with great technology, and we are working to empower smart, dedicated people to tackle them.
For the last few months, we have been working closely with a group of companies that represent the future of digital health. We are looking forward to telling you their stories in the coming weeks.
We are also excited to announce our relationships with three fantastic organizations:
Aptible is proud to be part of Y Combinator’s S14 batch. All of the partners have been amazing - YC is one of those rare organizations that is every bit as great on the inside as you hope it would be from the outside. Thanks especially to Justin, Garry, Kat, Jon, and Aaron for helping us prepare for this launch.
Today is the beginning of something very special. With an incredible team and the support of our customers and partners, we are going to rapidly accelerate the adoption of technology in healthcare, and help a lot of people on the way. If you want to be part of this, let us know, or email me at email@example.com.