When approaching buyers, it is easy for healthcare IT (HCIT) companies to get wrapped up in the technical side of a solution. Touting a long list of innovative features and abilities seems like a sure-fire way to highlight the exciting potential of a new product. However, today’s healthcare buyers aren’t looking to learn about—or even embrace—another technological advancement. They are looking to meet real needs within their organization.

To reach today’s healthcare organizations successfully, HCIT companies need to look at their solutions through the lens of the buyer.

Put simply: The lead story shouldn’t be the technology. It should be the market problem it is solving.

This requires HCIT companies to not only anticipate buyer needs, but also be prepared to answer the critical questions buyers have.

The following are the top questions HCIT organizations can expect from potential buyers, as well as strategies for providing answers that will meet buyer needs and improve overall product success.

The Big Question: Security and Compliance

Without a doubt, the main question any buyer in the healthcare space will have is around security and compliance. Transmitting personal health information (PHI) is a huge concern among all stakeholders, and buyers need to be reassured that HCIT organizations take security seriously.

Buyers will want confirmation that all security bases have been covered, from technology features to internal personnel training. 

Technology Abilities

On the technology side, questions will typically be in the form of a security assessment or questionnaire. Although the length and depth of the assessment will vary by healthcare organization, most will want to know the security basics: how and when data is encrypted; how PHI is transmitted; how PHI and other sensitive data is stored.

Healthcare buyers will also want to know the ways in which the healthcare technology company or ISV has differentiated itself and if it has gone the extra mile in terms of security and compliance. This includes whether or not the healthcare tech company has performed vulnerability scanning and penetration testing with its product; the extent of its knowledge and experience with cloud technologies, and if it holds HITRUST, or other important certifications that ensure compliance.

Internal Policies and Procedures

Buyers will likely have questions on the policies and procedures side as well—and with good reason. Many security incidents or legal declarations of healthcare breaches stem from problems with people, not technology. In fact, according to statistics published by the HIPAA Journal, unauthorized access/disclosure incidents are the second most common cause of data breaches, right behind hacking.[1]

Because of this, many buyers will want to know about a healthcare tech company’s hiring and background screening tactics, onboarding procedures, and employee policies and expectations. They may also want to know specifics about training. One possible question might be: When is the last time a security or incident breech simulation has been performed, so employees are prepared to respond quickly and appropriately?

Although these types of questions and requests may seem fundamental, HCIT companies often skip over these details and, in turn, overlook one of the top concerns among healthcare organizations. Buyers in the healthcare space — be they providers, payers, life sciences, or pharma — do not want to assume that their data is safe and compliant. They want assurance and proof.

Buyer-Specific Questions

A common misstep among HCIT companies is overlooking the individual needs of different user groups. Healthcare as an industry is very segmented and specific, and stakeholders often expect the solutions they use to be specific as well. Understanding the unique needs and concerns of different buyers is the key to building customer relationships and turning HCIT companies into trusted partners, not just SaaS providers.

The following are the top questions HCIT companies can expect from specific buyer groups:

Doctors/Providers

Doctors and providers rely heavily on IT companies and departments because they don’t have the technical expertise, nor do they have the time or desire to learn it. Their main focus is going to be around usability, support, compliance, and patient outcomes. Possible questions include:

  • How do I maintain the solution?
  • How do I train my staff to use this solution?
  • What certifications do you have to ensure compliance?
  • What other providers have used this technology?
  • How does it improve patient outcomes or my revenue cycle management?
Insurers/Payers

Insurers are extremely focused on the patient or customer experience. They are also very concerned about risk and, as a result, will expect full transparency. Possible questions include:

  • How does this impact the customer or patient experience—how do they see claims, submit claims, search what is in or out of network, etc.?
  • How do I actually consume this?
  • How does this integrate into my existing set of services? Do you have a REST-based API that I can consume easily?
  • How do you handle risk? Do you have a risk register or a list of open vulnerabilities that you are remediating?
Regulators

Most conversations with regulators will be around compliance, and they will always want proof of any and all certifications. Providing specific answers as well as paperwork to back up any claims is critical. Possible questions include:

  • How does your technology solution map to the federal code of regulations?
  • Do you have HITRUST, GDPR, SOC 2 Type II, ISO 90001 certification, and can you provide proof and audit reports of those certifications?
  • If you are not HITRUST certified, are you working with a cloud managed services partner who is?
  • What are your policies around compliance, and how can you prove that they are followed?
  • Can we come on-site to see your policies in action?

Strategic Answers

Of course, the answer to each buyer question will vary based on the technology solution and its abilities. However, the tone for every answer should be the same—one of empathy and understanding. Too many SaaS companies fail to view their solution through the lens of the buyer and miss the mark not only during the sales phase, but on the product development side as well.

The key is for HCIT companies to learn about the potential buyers they are trying to reach. One way to do this to build in-house experts who proactively learn more about user challenges and needs. Many industry leaders are accomplishing this by using a pragmatic product marketing model—a marketing strategy that involves surveying and interviewing existing customers, lost leads, current opportunities, and market researchers.

Another option is to use meetings with potential buyers as a learning opportunity, not just a sales opportunity. One strategy might be to leave 10 to 15 minutes at the end of a pitch meeting to actively listen. This tactic not only makes the potential buyer feel heard; it provides HCIT companies with valuable insight that can improve existing solutions and fuel ideas for future products.

Selling Success

In the end, a solution should solve a problem and a service should fulfill a need. Leading HCIT companies have to be prepared to communicate those messages fully with buyers to have any chance at a sale. Knowing what questions buyers are asking—and providing the answers they need to hear—is critical for HCIT companies that want to develop strong customer relationships, buyer-centric solutions, and long-term product success.

 

[1] “Healthcare Data Breach Statistics.” (2019). HIPAA Journal. Retrieved from https://www.hipaajournal.com/healthcare-data-breach-statistics/.