ClearDATA = Microsoft Partner of Choice for PHI Applications · SECURE •HEALTHCARE •CLOUD...
Transcript of ClearDATA = Microsoft Partner of Choice for PHI Applications · SECURE •HEALTHCARE •CLOUD...
Making healthcare better every single day.
Austin, TX (HQ)
101 West 6th Street, Suite 310
Austin, TX 78701, United States
Phone: + 1 (833) 992-5327
Support: + 1 (602) 635-4004
Web: www.cleardata.com
ClearDATA = Microsoft Partner of Choice for PHI
Applications
Accelerating Cloud Adoption in Healthcare
2Proprietary & ConfidentialSECURE • HEALTHCARE • CLOUD
• Intro
• ClearDATA Background
• Overview
• Solution Review
• Questions
ClearDATA
Agenda
ClearDATA Overview
www.cleardata.comProprietary & Confidential
ClearDATA is the nation’s only healthcare-exclusive cloud computing company. As the healthcare market leader, ClearDATA products and services are positioned to solve the three fundamental changes facing Healthcare IT:
• Modernizing Infrastructure• Securing and protecting patient data • Improving data interoperability
ClearDATA is headquartered in Austin with national coverage
Founded: 2009
Solution Areas: Security & Compliance, GDPR Practice
Key Verticals: Healthcare Payer | Healthcare Providers |Healthcare Pharma/Life Sciences |Healthcare SaaS Companies |Biotech
Target Client Base: Enterprise, Mid-Market, and Startups
Our Expertise
We've Earned the Trust of Clients Across Healthcare & Life Sciences
At-Scale Analytics/
GenomicsCore
Collaboration
M&A
Integration
IT Transformation
Modernization
Consumer
Mobile
Data Center
Extension
Next Gen
B-Up/DR
Unify Test
& Production
To Help Them Build Innovative Applications in the Cloud in a Secure & Compliant Manner
PROVIDERS LIFE SCIENCES HEALTHCARE TECHNOLOGY PAYERS
www.cleardata.comProprietary & Confidential
5Proprietary & ConfidentialSECURE • HEALTHCARE • CLOUD
DEMONSTRATE
Continuous compliance monitoring,
alerting, visualizing
REMEDIATE
Privacy, Security, Compliance automated
evaluation & remediation
Accelerate cloud adoption
ClearDATA
ACCELERATE AUTOMATE INNOVATE
Eliminate manual, fragile processes, automate cloud,
security & compliance
Digital Transformation
allows enterprises to be modern and agile
– unlocking innovation
Enabling Innovation
www.cleardata.comProprietary & Confidential
Common Misconceptions
Common Audience
CIO are a core audienceCIO
CISO, Info Sec, Compliance, Regulatory OfficeCISO
We tend to work in multiple areas of the Business. VP,
Dir Applications, Data, Innovation, etc..Director
VP ITVP IT
ClearDATA Accelerates Azure
Consumption
For Healthcare
PHI Applications REQUIRE Enhanced Protection and
Compliance
ClearDATA are the Experts
When you hear PHI, bring in ClearDATA
Accelerate your Sales Cycle
Partnership – 3 Key Takeaways
www.cleardata.comProprietary & Confidential
How We Can Help
8Proprietary & ConfidentialSECURE • HEALTHCARE • CLOUD
Fast, Frictionless MS Consumption for PHI Workloads
Why ClearDATA
App 1(no PHI)
MS HCLC Customer
Risk & Compliance
App Dev IT Ops
LegalCSA
Fast, Simple Execution
First Application No PHI Data
✓ Simple Contracts✓ Risk & Compliance
✓ IT Execution
9Proprietary & ConfidentialSECURE • HEALTHCARE • CLOUD
Fast, Frictionless MS Consumption for PHI Workloads
Why ClearDATA
App 1(no PHI)
MS HCLC Customer
Risk & Compliance
App Dev IT Ops
App 2
LegalCSA
Fast, Simple Execution
Risk & Compliance
Comprehensive BAA
LegalApp Dev & IT Ops
HIPAA Compliance
?
PHI PHI
App 2
Extended contracting, Risk & Compliance Delays, Slower MS
Consumption
+ +
2nd App – PHI DataOption 1 – MS + DIY• Delayed Time to Value
• Increased Risk
• Slower MS Consumption
Customer
Functional
View
Slower
MS
Adoption
Go Live
10Proprietary & ConfidentialSECURE • HEALTHCARE • CLOUD
Fast, Frictionless MS Consumption for PHI Workloads
Why ClearDATA
App 1(no PHI)
MS HCLC Customer
Risk & Compliance
App Dev IT Ops
LegalCSA
Fast, Simple Execution
Risk & Compliance
ClearDATA Comprehensive BAA
LegalApp Dev & IT Ops
ClearDATA HIPAA Compliance Framework
Fast Contracting, CD Compliance Framework, Accelerated Azure Consumption
+ +
2nd – 5th App – PHI DataOption 2 – MS + ClearDATA
✓ Faster time to Value✓ Reduced risk
✓ Accelerated MS Consumption
Customer Functional View
FasterMS Adoption= $$$$$
App 2
PHI
App 5
PHI
App 3
PHI
App 4
PHI
+ + +
Go Live Go Live Go Live Go Live
11Proprietary & ConfidentialSECURE • HEALTHCARE • CLOUD
The Johns Hopkins ACG accepts data set from external partners and runs analytics routines storing the results in Azure SQL. This is accomplished utilizing Azure Automation, Functions, and VM solutions. As client was using Azure, they hit a roadblock with PHI. They had challenges proceeding and keeping this solution compliant in accordance to HIPAA regulations on a HITRUST certified platform. ClearDATA was contacted for assistance on Azure. They discovered we can provide other components like our dashboard to help support ACG's regulatory compliance posture in Azure.
Status:
They are in the process of reviewing BAA between ClearDATA and Johns Hopkins at this time.
Partnering:
AE/ClearDATA Channel Manager logged the opportunity in MS PSX. We then connected with the Microsoft SAE covering the account. The SAE opened this up the larger Microsoft team for joint growth strategy as client now expects to consume larger ACR. Microsoft/ClearDATA meeting to broaden our reach within Johns Hopkins together.
USE CASE
ClearDATA
Customer Data
Platform
Applications
Identity & Access Mgmt
Operating Systems,
Network & Firewall
Configurations
Client-side Data Encryption
Server-side Data Encryption
Network Traffic Protection
Foundation Services
Global Infrastructure
Availability Zones
Regions
Edge Locations
— —
Automation, HC Reg. Compliant Management Platform
——
ClearDATA Platform
—✓
———
✓✓✓
✓✓✓
✓✓✓
✓
✓
———
Compute, Storage, Database, Networking
✓
✓✓✓
The Cloud
www.cleardata.comProprietary & Confidential
Platform | Comply | Services | BAA | Locate | Professional Services
Comprehensive BAA
13Proprietary & ConfidentialSECURE • HEALTHCARE • CLOUD
1. ClearDATA is MS Reseller
2. ClearDATA Fees as % of MS Spend
• Covers all Compliance Platform and managed service 24x7 operational support
• Volume pricing available (over $100k MRR)
3. MS Sellers – Same Compensation
• Same comp as MS direct or BYOC
• Faster growth of PHI applications
Complimentary Business Model
✓Fast process – 100’s of healthcare customers on-boarded
✓ClearDATA fees are competitive –Do it Yourself (“DIY”) is hard
✓Microsoft Reps Get paid the same and get faster PHI application consumption
Key Elements Key Benefits
www.cleardata.comProprietary & Confidential
How Can We Help
Driving Deals Forward
Identify
Opportunities in
Accounts
We understand healthcare and can identify
opportunities quickly
Help customers
gain overall value
in Microsoft
Investment
By removing many of the security complexities
Healthcare organizations are facing, we help
drive the adoption cycle for your customers not
just on Azure but on other workloads
Onboarding Net
New
Removing the delay and security challenges on
the front end, enable faster adoption for your
deal. We can speak directly to Healthcare unlike
many other vendors.
Providing the
Insurance LayerSimply stated, when Healthcare then, ClearDATA.
www.cleardata.comProprietary & Confidential
Common Misconceptions
Potential Microsoft Seller Concerns
The opposite is true. ClearDATA will accelerate your cycle by meeting your customer’s legal, risk
& compliance and developer requirements.
ClearDATA will slow down my sales
cycle
HIPAA, GxP, GDPR security and compliance requirements are not optional. ClearDATA is
focused on this problem and brings a comprehensive framework likely for less than your
customer’s could achieve on their own – DIY approach.
ClearDATA adds costs and make me
uncompetitive
Yes they can, but just because it’s covered doesn’t mean it’s automatically compliant—there are
still things that must be done. Plus, how long will it take you to negotiate a much more stringent
BAA? Can your customer satisfy their internal risk and compliance teams?
MS has HIPAA certified
services...can’t my customer do it
themselves?
We are multi cloud but agnostic to our customers. We always adhere to the “Rules of
Engagement” If we or you bring us in an account or we work together, we are not going to
recommend or pull another provider in.
ClearDATA is aligned with other
Cloud Providers.
16Proprietary & ConfidentialSECURE • HEALTHCARE • CLOUD
“I need to keep PHI safe and secure in Azure”
“I need to be HIPAA Compliant”
“I’m moving PHI to the cloud but, I’m not sure where to begin and how to sustain”
“I need to be compliant against GDPR, GxP, NIST, CIS, …”
Key phrases to listen for
Engage ClearDATA
✓Accelerate your cycle
✓Ensure your customer’s applications are secure and compliant
✓Drive Azure Consumption
✓Enable Net New Deals
If your customer mentions… …then
Professional Services
Rich catalog of services for consulting, education and assessment.
Comply
Allows you to innovate safely with Automated Safeguards,
remediation and real time compliance dashboards.
Locate
A purpose-built, innovative solution that enables
healthcare-aware dynamic tracing of patient data.
BA
A A
ND
HIT
RU
ST PR
OTEC
TIONThe ClearDATA Platform
Healthcare Managed Services
Tiered set of managed services that go beyond automated safeguards to ensure that you remain secure and compliant.
HEA
LTH
CA
RE
EXC
LUSI
VE
www.cleardata.comProprietary & Confidential
FoundationFoundational services designed to demonstrate a culture of continuous compliance with purpose defined user roles and role based access
controls, billing/usage reports and rich knowledge management.
Platform | Comply | Services | BAA | Locate | Professional Services
ClearDATA Professional Services
IMPLEMENTING, OPERATING, OPTIMIZING
CAMP: Cloud Assessment and Migration Planning
GETTING STARTED PROTECTING & SECURING
Cloud Security and Compliance Best Practices
IT Organization Cloud Readiness
International Data Locality Planning
HITRUST Inheritance
Cloud Design
Solution Architecture Design
DevOps Training
CI/CD Pipeline
Cloud Build
Cloud Consumption and Cost Optimization
Firewall Management
GDPR Assessment
Life Sciences Supply Chain Resiliency
Security Risk Assessment (SRA)
Breach Simulation
Pen Tests
Data Life Cycle Mapping and Analysis
Privacy Impact Assessments (PIA)
User Interface Compliance Reviews
www.cleardata.comProprietary & Confidential
Platform | Comply | Services | BAA | Locate | Professional Services
ClearDATA Comply
Healthcare Managed Services
Intrusion Detection
Vulnerability Identification/Remediation
Hardening/Patching
Services:
A team of experts managing your
environment to ensure strong
compliance and security posture at
all times
Tech Stack
Automated Safeguards
Event Logging and Backups
Compliance Dashboard
Services with automation with 135+
technical controls:
Data backup
Encryption at rest
Encryption in transit
IAM & Networking Restrictions
Audit Logging
Log Backups
Ticketing
Billing
RBAC/User Management
Foundation:
Raising tickets
Monthly billing and invoicing
Basic user and RBAC engagement
Customer
Stakeholders
DevOps
Manager
Cloud
Architect
Application
Developers
CISO
Direct access or through
leading orchestration tools
Provable compliance posture of all cloud
services, mapped to regulations
ClearDATA Comply
Platform safeguards PHI
applications to enable
customer innovation
www.cleardata.comProprietary & Confidential
Customer Cloud Environment
Platform | Comply | Services | BAA | Locate | Professional Services
ClearDATA Layer
Regulatory
Standards &
Certifications
GDPR
GXP
NIST
ISO 27001
HIPAA
ClearDATA
AUTOMATED SAFEGUARDS
(CONTROLS)
Bucket ACL Service
Bucket Policy Status
Static Web Hosting Status
Versioning Enabled
Log Monitoring Status
Defense Encryption
Secure Transport
HIPAA (Standard) HIPAA Security
Rule
GDPR (Standard) GDPR Article
HITRUST
(Certification)HITRUST Control
ISO 27001
(Certification)
ISO 27001
Annex A
Guidelines
ClearDATA COMPLY Automated Safeguards
Cloud Service 2
FOUNDATION | COMPLY | CUSTOMER SUCCESS | LOCATE I SERVICES
Customer Application
Developers
Cloud Service 1
Control 1
Control 2
Control 3
Control n
Control 1
Control 2
Control 3
Control n
1ClearDATA interprets the standards &certifications and crafts automatedsafeguards which protect our customers cloud services.
2
3
Customer application teams can provision services directly from cloud provider. ClearDATA Automated Safeguards check each service against specific controls and allow properly configured services to be deployed.
In the event that ClearDATA Automated Safeguards detect a problem at provisioning or in-flight, the service is either remediated, terminated, or it is never enabled.
Today, ClearDATA offers Automated Safeguards
for 32 Services with automation around 125 Technical Controls
www.cleardata.comProprietary & confidential
Compliance Dashboard
CUSTOMER SUBSCRIPTIONClearDATA AUTOMATION YOUR USERS
Users
Backups
Log Analytics Protection
Encryption
Azure Functions
Azure Policy
Networking
Event Grid
Azure Policy used to validate resource configuration When the resource is created the
event is captured by Event Grid
Azure startup functions are triggered by Event Grid
Compliance configuration processes are initiated by the
Azure functions
Resource is registered in the ClearDATA Dashboard
User creates an Azure resource
If policy evaluation fails, deployment will not be allowed to
proceed
www.cleardata.comProprietary & Confidential
Automated Safeguards for Azure
Choose standardor regulation
Documented interpretation of adherence to regulations
Select your date range to view compliance status today or over a period of time
Download auditable proof with daily compliance and trend reports
www.cleardata.comProprietary & Confidential
Platform | Comply | Services | BAA | Locate | Professional Services
Delivered Committed Forecasted
Q2 2019 Q3 2019 Q4 2019
Enhanced Continuous Compliance
with Automated Safeguard and
Compliance Reference Architecture
Updates
• Azure Functions
• Azure Machine Learning
• Azure Data Factory
• Azure Data Lake Storage
• Azure Databricks
• Azure Event Hubs
• SQL Data Warehouse
• Azure Event Grid
• Azure API for FHIR
• Microsoft Azure Portal
• Azure DNS
Automated Safeguards and
Compliance Dashboard expansion
• Azure Functions
• Azure Machine Learning
• Azure Data Factory
• Azure Data Lake Storage
• Azure Databricks
• Azure Event Hubs
• SQL Data Warehouse
Azure Kubernetes Service
Integration
• Automated enforcement of strict
security controls when deploying
Azure Kubernetes
Automated Safeguards and
Compliance Dashboard expansion
• Visibility of current and historical
attainment of compliance
objectives relative to HIPAA, GDPR,
and other compliance regimes
• Azure Container Registry
• Azure Key Vault
• Azure ML Workspace
• Azure Analysis Services
• Azure Disk Storage
• Azure Monitor
• Application Gateway
• Load Balancer
• Log Analytics
Compliance event alerting
Managed SSL VPN
www.cleardata.comProprietary & Confidential
Case Study - HumanaCompany Description: Humana Inc. is a for-profit American health insurance company based in Louisville, Kentucky. As of
2014 Humana had over 13 million customers in the U.S., reported a 2013 revenue of US$41.3
billion, and had 51,600 employees. In 2018, the company ranked 56 on the Fortune 500 list, which
made it the highest ranked company based in Kentucky. It has been the third largest health
insurance in the nation.
Why ClearDATA: Humana achieved trifecta status by adding Azure resources to those already managed for AWS and
GCP. Humana decided to pivot their Digital Health and Analytics [DH&A] platform to Azure. Our
Azure product team was likewise able to pivot and align sprint objects to achieve 13 safeguards for
Azure services by the end of May, which illustrated our agile capacity and acceleration in the market
Sales Engagement and Process
Our Partnership will provide:
• Deep healthcare industry and
compliance requirement expertise
• Alignment with mutual prospects with
winning strategy (i.e. Account mapping and
field engagement)
• Leveraging our joint value proposition to
tag team/co-sell more opportunities
• Accelerate and close more deals!
ClearDATA Point of Contacts:
Theresa Martin| Channel & Alliances | [email protected]
Prince Lal |VP Channel | [email protected]
ClearDATAPartner
Advantage
Identify Prospects
Contact ClearDATA
Partner Team
Joint Intro Call and/or
Customer Visit
Joint Value Proposition
Solution
Win Customers!
+