Able Health cofounder and president Steve Daniels oversees all product and customer operations at a company that built its business around private health information. The platform imports patient data from customer systems and calculates hundreds of indicators related to care quality and patient outcomes, leaving no room for error when it comes to security.
Knowing the importance of privacy in the healthcare industry, Daniels adopted Aptible to create a strong Security Management program. After comparing a handful of vendors, he decided on Aptible Comply to put compliant policies in place. To ensure the company deploys their solution on Enclave, Aptible’s infrastructure has built-in security controls to meet even the most demanding regulations.
Before using Aptible, Daniels and his team had to manually assemble policies and procedures on security and privacy. Unfortunately, these documents were mostly pieced together from disparate sources and consultants. They weren’t representative of what Able wanted to accomplish—they were designed for larger organizations, referencing roles that didn’t even exist in the company.
Once Daniels adopted Comply for Able’s Security Management program, he was able to customize each policy for the roles and technology that existed at his company. It was easy for everyone to understand what they needed to do to support security and privacy initiatives, which led to complete buy-in from everyone on the team.
Aptible gives Able employees a clear view into how policy translates into everyday workflows. Comply provides a framework for implementing HIPAA-compliant security practices, including a detailed information hierarchy that Daniels used to map responsibilities to specific roles in his company. This clear direction allows everyone at Able to consider security as part of their job. “More than ever people are aware of the policies and procedures that affect them,” says Daniels. “It’s far more of a team effort than it used to be.”
Aptible helped Able customize processes, procedures, and documentation for their company—the size, the roles they hired for, and the requirements that help them win new customers. Comply lets them assign leads for each area of responsibility, clearly delineating between them. Daniels uses Aptible’s dashboard to review what actions are needed to stay compliant with their policies.
When it comes to deployment, Able can rely on Enclave automatically implement HIPAA-compliant security controls. They then configure the platform to meet additional requirements that are unique to their security management system. If they decide to pursue additional certifications, they can add configurations without putting existing protocols at risk.
Daniels recommends Aptible on a regular basis, touting it as the best security and compliance tool on the market by far. He places a huge value on knowing Able Health is compliant at all times so the team can focus on other important initiatives.
As a company that built its reputation on private health data, Able has created a culture of security throughout the development lifecycle. They’ve adopted some of the best technology in authentication, device management, vulnerability scanning, intrusion detection, and more. Aptible helps them tie it all together.