Case Study

Increased Access to PHI Doesn’t Mean Privacy & Security Have to Be Compromised

About Saina Health 

Saina Health provides a robust health data management tool by integrating innovative software and technology that improves the delivery of care to patients. Their physician and patient-centric InstaHealth™ platform provides secure, 24/7 access to complete patient medical records. This helps patients be more engaged with their health and helps address the widespread issue of patient record integrity, with studies finding that as many as 20% of medical records contain errors. At the same time, physicians, hospitals, and payors benefit from access to aggregated medical records from all caregivers. Furthermore, InstaHealth™ tackles interoperability mandates from the 21st Century Cures Act by giving patients broad, secured access to their medical records.  

Saina Health inherently realized that empowering patients to obtain and share all their medical records with healthcare providers and physicians would create some unique privacy and security challenges. Their platform can currently request and share medical records for over 200 million Americans and the protection of that vast personal health information (PHI) had to be addressed. “At Saina Health, patient privacy and data security are our top priorities,” said Amin Mobasher, CEO of Saina Health. Saina Health was not going to let privacy and security become a roadblock to their mission.  

 

Step One of the Privacy & Security Journey: AWS Cloud Solutions 

When Saina Health initially developed its InstaHealth™ solution, they knew that the digital transformation in healthcare would require using a cloud service platform rather than hosting in-house servers. Using the cloud would increase flexibility, improve scalability, and significantly reduce costs, especially considering the expense of hosting in-house servers that address compliance with HIPAA regulations.  

After researching the major cloud service providers, Saina Health’s leadership chose Amazon Web Services (AWS) because it addressed their unique needs and challenges as a startup company that maintains extensive amounts of sensitive patient data:  

  • Engineering Expertise: AWS provides access to its engineering resources, reducing Saina Health from hiring additional internal resources to manage their large-scale amounts of patient data. 
  • Additional Support: AWS Activate assists startups like Saina Health by providing access to necessary resources to quickly get started on AWS – including credits, training, and support. 
  • Privacy and Security: AWS is architected in a secure environment that supports Saina Health’s HIPAA-compliance program.  

“We adhere to industry best standards for security and privacy practices,” said Mobasher. “AWS provides a secure solution with many services to ensure our cloud platform is secure and in compliance with HIPAA regulations.” 

 

Step Two: Saina Health Makes Further Privacy and Security Considerations 

Saina Health wanted to provide an extra layer of privacy and security for patients’ PHI and sensitive personal data. They realized that their cloud environment would require a robust set of technical controls mapped to standards and regulations such as HIPAA, GDPR, and NIST. They needed to enforce automated and ongoing compliance and be able to easily identify non-compliant actions. With that in mind, the team sought a partner with a unique set of healthcare, cloud, security, privacy, and compliance expertise. 

Ultimately, Saina Health partnered with ClearDATA because their multi-cloud, healthcare-specific, policy-as-code solutions provide automated technology and industry-leading expertise to harness Saina Health’s secure patient data in the cloud. “ClearData is the HITRUST-certified leader in cloud security and compliance for healthcare. They have implemented the most rigorous tools and standards available to protect our sensitive healthcare data,” said Mobasher. 

ClearDATA’s comprehensive solution Healthcare Cloud Privacy and Security Management Platform protects Saina Health’s patient data 24/7 and addresses potential gaps in privacy, security, and compliance. It also provides engineering resources, helping Saina Health reduce costs and focus on what they do best – improve the delivery of care to patients. With the partnership, ClearDATA acts as a force multiplier by providing Saina Health with a 25% increase in man-hours to their security team, in addition, ClearDATA helps accelerate time to market by a full quarter, providing rapid time to value.   

“Saina Health is a forward-thinking organization, solving critical healthcare challenges with innovative digital health solutions while prioritizing privacy and security from design time and throughout the lifecycle of their application,” said Chris Bowen, Founder and Chief Privacy and Security Officer of ClearData. “The need to protect sensitive patient data has never been more important with the increased prevalence of healthcare-targeted security disruptions, expanded attack surfaces with the burgeoning healthcare IT landscape, and the relative value of healthcare data to bad actors.” 

 

Step Three: Moving Forward 

Saina Health has immediate plans to expand its user base of the InstaHealth™ platform and has several new features on its roadmap. For example, they are developing a platform that makes it easy for patients to get a second opinion and they are using AI to provide patients personalized health information and preventative notifications based on symptoms – striving to reduce the incidence of acute health conditions by addressing warning signs early. Saina Health is also creating a new marketplace for physician engagement and providing more necessary services to the patient.  

 

To learn more on how Saina Health is helping patients and physicians have secured access to medical records, visit www.sainahealth.com. To learn more about how ClearDATA can help you enhance compliance, privacy, and security in the cloud, visit www.cleardata.com