Cordata Gains Compliance Confidence from Clients and Investors with Datica
“It’s difficult to develop software when engineers are pulled off on a regular basis to deal with infrastructure.”Eddie Sorrell, Senior Director of Client Services, Cordata
CASE IN FACT
Cincinnati-based Cordata Healthcare Innovations formed in July 2014 when two companies merged that had each been in business ten years. Cordata’s 25 employees work with roughly 100 hospitals across the U.S. to provide care coordination technology solutions for various complex medical specialties, with the goal of improving clinical and business outcomes. In its mission to simplify the process of the complex care continuum, Cordata discovered it not only needed help with compliance, it needed partners and advisors who eat, drink and sleep compliance.
A large hospital system was interested in adopting Cordata’s care coordination platform, which used Datica’s Compliant Cloud and the cloud hosting services of another company. As negotiations proceeded toward contract signature, the hospital’s chief security officer expressed concerns about the company’s ability to achieve HIPAA compliance. This concern stemmed from a recent, but unrelated, breach at one of the healthcare system’s hospitals which left the healthcare system struggling to remain confident when dealing with small and medium-sized companies.
Thinking his company already had a solid HIPAA foundation, Cordata CEO and President, Gary Winzenread, engaged the hospital’s chief security officer to learn more about her concerns. “During due diligence, we strive to be fully transparent with information and documentation we provide. This way, we can truly ‘live’ compliance, learn from the inspection, and gain full confidence in our controls. This, in turn, greatly streamlines the due diligence process for all future deals.”
This effort to become more proactive and transparent aligned with the Datica vision of healthcare – and made Cordata a good fit culturally with Datica. “Like Datica, we embrace the openness and information sharing. Certainly, we appreciate their pushing information out to the public on GitHub, sharing code, communicating their policies, and helping to educate companies like ours,” Winzenread explains.
THE TRANSPARENT SOLUTION
At the time, Cordata had been looking at multiple PaaS partners to see which service could host the infrastructure while simultaneously providing the trust and confidence to be fully HIPAA compliant. With many of these providers, Cordata would need to own the infrastructure side – including encryption at rest, security protocol policies, intrusion detection and ongoing vulnerability assessments – though these policies and processes needed to live seamlessly within the Cordata HIPAA framework. According to Eddie Sorrell, Cordata’s senior director of client services, the team was challenged in standing up a fully HIPAA compliant environment on Amazon Web Services. “It’s difficult to develop software when engineers are pulled off on a regular basis to deal with infrastructure.” After discovering and choosing the Datica solution, Sorrell had his answer. “In a matter of a few weeks, we stood up our solutions on Datica and we saved a couple months of effort.”
Datica lead engineer for the Cordata project, Nate Radtke, says the project was a distinct challenge, because Cordata had three environments to onboard and required a few custom configurations outside the Datica standard install suite. “Deploying an application in a new cloud environment isn’t always straightforward but Datica diligently works through hiccups to complete the deployment outcome that meets the customer’s application and expectations.”
“We are seeking to build confidence with many stakeholders. When I mention Datica, I get nods of recognition and no more questions asked about infrastructure.”Gary Winzenread, CEO and President, Cordata
CHOOSING A VENDOR OR A PARTNER
Winzenread believes strong and collaborative relationships are critical when it comes to HIPAA compliance. “Regular interactions and deep discussion are necessary to talk through issues and develop good answers to the many and complex questions large hospitals will ask during HIPAA audit reviews,” he said. “Through such willingness to collaborate and problem-solve proactively, Datica feels like a valued partner for Cordata.”
Sorrell knows first-hand what that partnership means. “I can literally ping the team and within minutes have a response back. I’m constantly bouncing things off Datica, looking for that thought leadership, especially in the HIPAA compliance area.”
“We are seeking to build confidence with many stakeholders. When I mention Datica, I get nods of recognition and no more questions asked about infrastructure.”
SOLUTION BRINGS NEW OPPORTUNITIES
Beyond savings equivalent to a full-time employee and several months of time, Datica helped Cordata achieve stronger transparency of compliance practices, simplification of audits and immediate trust in its own infrastructure. These outcomes have also boosted the company’s sales process and outlook for growth.
About Cordata Healthcare Innovations
Cordata Healthcare Innovations offers care coordination products that improve clinical outcomes, enhance the patient experience, and help healthcare organizations more effectively treat people undergoing complex specialty treatments, like oncology and spine. Physicians, nurse navigators, service-line directors, and business executives at more than 100 organizations rely on timely, actionable, and enlightening insights from Cordata to do what they do best — care for individual high-risk patients and increasing population health. Learn more at cordatahealth.com.
Datica (formerly Catalyze) makes digital health in the cloud a reality by removing the risks that prevent its adoption. We turn HIPAA compliance on public infrastructure providers into a solved problem, and enable secure clinical data exchange between mission-critical digital health applications and EHR systems. Datica serves healthcare’s complete spectrum, from digital health startups and industry leaders to health systems across the nation. Hundreds of customers and partners trust Datica to ensure their clouds are HITRUST certified and data securely interoperable. For more information, visit datica.com.