Machinify uses ClearDATA Comply, an automated compliance software from AWS Premier Consulting Partner ClearDATA, to automate and streamline HIPAA and HITRUST compliance, give healthcare payers peace of mind that their data is protected, accelerate compliance reviews, and help insurers transform their operations.
Seeking to Streamline HIPAA and HITRUST Compliance
Machinify was founded to develop artificial intelligence (AI) software to support the core operations of health insurance providers (payers). An early focus of the company was payment integrity or assisting payers in processing hundreds of millions of claims with a higher degree of accuracy. “The health insurance industry is constantly evolving, with many enterprise customers increasingly underwriting their own medical benefits. This leaves the payers to provide all the administrative services for commercial healthcare plans, and they are looking for new digital approaches to drive operational efficiency” says Paul O’Farrell, Chief Strategy Officer for Machinify. A provider of payment integrity and other payer software solutions, Machinify applies AI to all aspects of the claims audit process. “Our customers use our platform to ingest large volumes of claims data, analyze that data, and build machine learning models on top of it,” says O’Farrell. “They can then use those models to audit claims and discover incorrect payments or overpayments.”
A cloud-native company, Machinify has run its platform on Amazon Web Services (AWS) from day one. As Machinify’s solution evolved to help transform and modernize healthcare payer operations, the company needed to find a way to easily achieve compliance with HIPAA and HITRUST certification requirements. “We wanted to automate compliance, so we wouldn’t have to spend a lot of time and money building our own compliance solutions,” O’Farrell says. “We want our developers focused on building new features and applications, not maintaining a compliance system.”
Implementing ClearDATA Comply on AWS
To address its security and compliance requirements, Machinify reached out to ClearDATA, an AWS Premier Consulting Partner that provides healthcare cloud software and services for providers, payers, and healthcare technology organizations. ClearDATA offers an AWS-based solution that enables customers to consume native AWS services and accelerate application development while automating compliance. David Levinger, Head of Operations for Machinify, says, “ClearDATA makes it easy to use the same AWS services we’re familiar with, but inside a HIPAA- and HITRUST-compliant environment.”
Machinify implemented ClearDATA Comply, a compliance software that contains automated safeguards to protect applications. The safeguards check each action against specific controls and ensure that properly configured services are deployed. When a safeguard detects a compliance issue, the resource is either automatically remediated or terminated.
ClearDATA Comply, which runs in the Machinify AWS account, uses events generated by AWS Config and Amazon CloudWatch to trigger an evaluation of AWS configurations. “When there are compliance issues detected, our remediation software is automatically triggered,” says Conor Colgan, Product Manager for ClearDATA. For example, if an Amazon Simple Storage Service (Amazon S3) bucket is created, a ClearDATA evaluation and remediation function is executed. “Our software evaluates a series of technical controls such as whether encryption at rest is enabled or public access is not set,” Colgan says. “This all happens through event-driven automation on AWS. Each control is evaluated to see if it is compliant, and it is automatically remediated if necessary.” The Machinify operations team also uses dashboards in ClearDATA Comply to gain real-time visibility into compliance status.
Machinify has used Comply with ClearDATA Managed Services to keep a safe, compliant environment for its customers—an environment consisting of payers, providers, and healthcare life sciences organizations that rely on ClearDATA’s expertise in the realm of Protected Health Information (PHI), HIPAA, ISO, and General Data Protection Regulation (GDPR) requirements.
“The doors to many of our business opportunities wouldn’t be open if we couldn’t articulate a high level of certainty around security and compliance. We can demonstrate that certainty by running ClearDATA on AWS.”
- Paul O’Farrell, Chief Strategy Officer, Machinify
Instilling Customer Confidence by Automating Compliance
Working with ClearDATA, Machinify can confidently demonstrate to payers that its applications are secure and compliant. “Security and data integrity are essential for our customers, and we can give them peace of mind by using ClearDATA Comply on AWS,” says O’Farrell. “The automated safeguards that ClearDATA has in place ensure that we are not in violation of HIPAA and HITRUST requirements. If there are issues, ClearDATA follows up with us immediately and remediates the problem.”
Ensuring compliance is especially important for Machinify because HIPAA rules require the company to be authorized as a business associate before working with a new customer. “We can’t access customer data until that authorization is complete,” O’Farrell says. “By demonstrating that our application is compliant, we can start working with new customers right away and begin looking at their historical data and outcomes to help them find areas of overpayment or inaccuracy. In many cases, this means they can save tens of millions of dollars.”
Accelerating the Security Review Process
Machinify can more quickly pass stringent security and compliance reviews by taking advantage of the automation of ClearDATA Comply. “By leveraging what ClearDATA has already built into its software, we are able to pass security reviews faster,” says O’Farrell. “Because ClearDATA is HITRUST-certified, HIPAA-compliant, and automated, it allows us to compress the information security review time and streamline the entire process, so we can accelerate our business growth by onboarding new customers faster.”
Helping Insurers Transform Operations
By relying on ClearDATA Comply, Machinify can focus more of its time and resources helping its customers. “By using Comply, we don’t have to spend engineering cycles and money building our own automated compliance solution,” says O’Farrell. “Instead, we can focus entirely on what we do best: helping healthcare insurers and payers transform their operations and drive efficiencies using AI.”
By putting more resources into development, Machinify will be able to expand its business. “The doors to many of our business opportunities wouldn’t be open if we couldn’t articulate a high level of certainty around security and compliance,” says O’Farrell. “We can demonstrate that certainty by running ClearDATA on AWS.”