ClearDATA = Microsoft Partner of Choice for PHI Applications · SECURE •HEALTHCARE •CLOUD...

Making healthcare better every single day.

Austin, TX (HQ)

101 West 6th Street, Suite 310

Austin, TX 78701, United States

Phone: + 1 (833) 992-5327

Support: + 1 (602) 635-4004

Web: www.cleardata.com

ClearDATA = Microsoft Partner of Choice for PHI

Applications

Accelerating Cloud Adoption in Healthcare

2Proprietary & ConfidentialSECURE • HEALTHCARE • CLOUD

• Intro

• ClearDATA Background

• Overview

• Solution Review

• Questions

ClearDATA

Agenda

ClearDATA Overview

www.cleardata.comProprietary & Confidential

ClearDATA is the nation’s only healthcare-exclusive cloud computing company. As the healthcare market leader, ClearDATA products and services are positioned to solve the three fundamental changes facing Healthcare IT:

• Modernizing Infrastructure• Securing and protecting patient data • Improving data interoperability

ClearDATA is headquartered in Austin with national coverage

Founded: 2009

Solution Areas: Security & Compliance, GDPR Practice

Key Verticals: Healthcare Payer | Healthcare Providers |Healthcare Pharma/Life Sciences |Healthcare SaaS Companies |Biotech

Target Client Base: Enterprise, Mid-Market, and Startups

Our Expertise

We've Earned the Trust of Clients Across Healthcare & Life Sciences

At-Scale Analytics/

GenomicsCore

Collaboration

M&A

Integration

IT Transformation

Modernization

Consumer

Mobile

Data Center

Extension

Next Gen

B-Up/DR

Unify Test

& Production

To Help Them Build Innovative Applications in the Cloud in a Secure & Compliant Manner

PROVIDERS LIFE SCIENCES HEALTHCARE TECHNOLOGY PAYERS



DEMONSTRATE

Continuous compliance monitoring,

alerting, visualizing

REMEDIATE

Privacy, Security, Compliance automated

evaluation & remediation

Accelerate cloud adoption

ClearDATA

ACCELERATE AUTOMATE INNOVATE

Eliminate manual, fragile processes, automate cloud,

security & compliance

Digital Transformation

allows enterprises to be modern and agile

– unlocking innovation

Enabling Innovation


Common Misconceptions

Common Audience

CIO are a core audienceCIO

CISO, Info Sec, Compliance, Regulatory OfficeCISO

We tend to work in multiple areas of the Business. VP,

Dir Applications, Data, Innovation, etc..Director

VP ITVP IT

ClearDATA Accelerates Azure

Consumption

For Healthcare

PHI Applications REQUIRE Enhanced Protection and

Compliance

ClearDATA are the Experts

When you hear PHI, bring in ClearDATA

Accelerate your Sales Cycle

Partnership – 3 Key Takeaways


How We Can Help


Fast, Frictionless MS Consumption for PHI Workloads

Why ClearDATA

App 1(no PHI)

MS HCLC Customer

Risk & Compliance

App Dev IT Ops

LegalCSA

Fast, Simple Execution

First Application No PHI Data

✓ Simple Contracts✓ Risk & Compliance

✓ IT Execution



Why ClearDATA

App 1(no PHI)

MS HCLC Customer

Risk & Compliance

App Dev IT Ops

App 2

LegalCSA


Risk & Compliance

Comprehensive BAA

LegalApp Dev & IT Ops

HIPAA Compliance

?

PHI PHI

App 2

Extended contracting, Risk & Compliance Delays, Slower MS

Consumption

+ +

2nd App – PHI DataOption 1 – MS + DIY• Delayed Time to Value

• Increased Risk

• Slower MS Consumption

Customer

Functional

View

Slower

MS

Adoption

Go Live



Why ClearDATA

App 1(no PHI)

MS HCLC Customer

Risk & Compliance

App Dev IT Ops

LegalCSA


Risk & Compliance

ClearDATA Comprehensive BAA

LegalApp Dev & IT Ops

ClearDATA HIPAA Compliance Framework

Fast Contracting, CD Compliance Framework, Accelerated Azure Consumption

+ +

2nd – 5th App – PHI DataOption 2 – MS + ClearDATA

✓ Faster time to Value✓ Reduced risk

✓ Accelerated MS Consumption

Customer Functional View

FasterMS Adoption= $$$$$

App 2

PHI

App 5

PHI

App 3

PHI

App 4

PHI

+ + +

Go Live Go Live Go Live Go Live


The Johns Hopkins ACG accepts data set from external partners and runs analytics routines storing the results in Azure SQL. This is accomplished utilizing Azure Automation, Functions, and VM solutions. As client was using Azure, they hit a roadblock with PHI. They had challenges proceeding and keeping this solution compliant in accordance to HIPAA regulations on a HITRUST certified platform. ClearDATA was contacted for assistance on Azure. They discovered we can provide other components like our dashboard to help support ACG's regulatory compliance posture in Azure.

Status:

They are in the process of reviewing BAA between ClearDATA and Johns Hopkins at this time.

Partnering:

AE/ClearDATA Channel Manager logged the opportunity in MS PSX. We then connected with the Microsoft SAE covering the account. The SAE opened this up the larger Microsoft team for joint growth strategy as client now expects to consume larger ACR. Microsoft/ClearDATA meeting to broaden our reach within Johns Hopkins together.

USE CASE

ClearDATA

Customer Data

Platform

Applications

Identity & Access Mgmt

Operating Systems,

Network & Firewall

Configurations

Client-side Data Encryption

Server-side Data Encryption

Network Traffic Protection

Foundation Services

Global Infrastructure

Availability Zones

Regions

Edge Locations

— —

Automation, HC Reg. Compliant Management Platform

——

ClearDATA Platform

—✓

———

✓✓✓

✓✓✓

✓✓✓

✓

✓

———

Compute, Storage, Database, Networking

✓

✓✓✓

The Cloud


Platform | Comply | Services | BAA | Locate | Professional Services

Comprehensive BAA


1. ClearDATA is MS Reseller

2. ClearDATA Fees as % of MS Spend

• Covers all Compliance Platform and managed service 24x7 operational support

• Volume pricing available (over $100k MRR)

3. MS Sellers – Same Compensation

• Same comp as MS direct or BYOC

• Faster growth of PHI applications

Complimentary Business Model

✓Fast process – 100’s of healthcare customers on-boarded

✓ClearDATA fees are competitive –Do it Yourself (“DIY”) is hard

✓Microsoft Reps Get paid the same and get faster PHI application consumption

Key Elements Key Benefits


How Can We Help

Driving Deals Forward

Identify

Opportunities in

Accounts

We understand healthcare and can identify

opportunities quickly

Help customers

gain overall value

in Microsoft

Investment

By removing many of the security complexities

Healthcare organizations are facing, we help

drive the adoption cycle for your customers not

just on Azure but on other workloads

Onboarding Net

New

Removing the delay and security challenges on

the front end, enable faster adoption for your

deal. We can speak directly to Healthcare unlike

many other vendors.

Providing the

Insurance LayerSimply stated, when Healthcare then, ClearDATA.


Common Misconceptions

Potential Microsoft Seller Concerns

The opposite is true. ClearDATA will accelerate your cycle by meeting your customer’s legal, risk

& compliance and developer requirements.

ClearDATA will slow down my sales

cycle

HIPAA, GxP, GDPR security and compliance requirements are not optional. ClearDATA is

focused on this problem and brings a comprehensive framework likely for less than your

customer’s could achieve on their own – DIY approach.

ClearDATA adds costs and make me

uncompetitive

Yes they can, but just because it’s covered doesn’t mean it’s automatically compliant—there are

still things that must be done. Plus, how long will it take you to negotiate a much more stringent

BAA? Can your customer satisfy their internal risk and compliance teams?

MS has HIPAA certified

services...can’t my customer do it

themselves?

We are multi cloud but agnostic to our customers. We always adhere to the “Rules of

Engagement” If we or you bring us in an account or we work together, we are not going to

recommend or pull another provider in.

ClearDATA is aligned with other

Cloud Providers.


“I need to keep PHI safe and secure in Azure”

“I need to be HIPAA Compliant”

“I’m moving PHI to the cloud but, I’m not sure where to begin and how to sustain”

“I need to be compliant against GDPR, GxP, NIST, CIS, …”

Key phrases to listen for

Engage ClearDATA

✓Accelerate your cycle

✓Ensure your customer’s applications are secure and compliant

✓Drive Azure Consumption

✓Enable Net New Deals

If your customer mentions… …then

Professional Services

Rich catalog of services for consulting, education and assessment.

Comply

Allows you to innovate safely with Automated Safeguards,

remediation and real time compliance dashboards.

Locate

A purpose-built, innovative solution that enables

healthcare-aware dynamic tracing of patient data.

BA

A A

ND

HIT

RU

ST PR

OTEC

TIONThe ClearDATA Platform

Healthcare Managed Services

Tiered set of managed services that go beyond automated safeguards to ensure that you remain secure and compliant.

HEA

LTH

CA

RE

EXC

LUSI

VE


FoundationFoundational services designed to demonstrate a culture of continuous compliance with purpose defined user roles and role based access

controls, billing/usage reports and rich knowledge management.


ClearDATA Professional Services

IMPLEMENTING, OPERATING, OPTIMIZING

CAMP: Cloud Assessment and Migration Planning

GETTING STARTED PROTECTING & SECURING

Cloud Security and Compliance Best Practices

IT Organization Cloud Readiness

International Data Locality Planning

HITRUST Inheritance

Cloud Design

Solution Architecture Design

DevOps Training

CI/CD Pipeline

Cloud Build

Cloud Consumption and Cost Optimization

Firewall Management

GDPR Assessment

Life Sciences Supply Chain Resiliency

Security Risk Assessment (SRA)

Breach Simulation

Pen Tests

Data Life Cycle Mapping and Analysis

Privacy Impact Assessments (PIA)

User Interface Compliance Reviews



ClearDATA Comply

Healthcare Managed Services

Intrusion Detection

Vulnerability Identification/Remediation

Hardening/Patching

Services:

A team of experts managing your

environment to ensure strong

compliance and security posture at

all times

Tech Stack

Automated Safeguards

Event Logging and Backups

Compliance Dashboard

Services with automation with 135+

technical controls:

Data backup

Encryption at rest

Encryption in transit

IAM & Networking Restrictions

Audit Logging

Log Backups

Ticketing

Billing

RBAC/User Management

Foundation:

Raising tickets

Monthly billing and invoicing

Basic user and RBAC engagement

Customer

Stakeholders

DevOps

Manager

Cloud

Architect

Application

Developers

CISO

Direct access or through

leading orchestration tools

Provable compliance posture of all cloud

services, mapped to regulations

ClearDATA Comply

Platform safeguards PHI

applications to enable

customer innovation


Customer Cloud Environment


ClearDATA Layer

Regulatory

Standards &

Certifications

GDPR

GXP

NIST

ISO 27001

HIPAA

ClearDATA

AUTOMATED SAFEGUARDS

(CONTROLS)

Bucket ACL Service

Bucket Policy Status

Static Web Hosting Status

Versioning Enabled

Log Monitoring Status

Defense Encryption

Secure Transport

HIPAA (Standard) HIPAA Security

Rule

GDPR (Standard) GDPR Article

HITRUST

(Certification)HITRUST Control

ISO 27001

(Certification)

ISO 27001

Annex A

Guidelines

ClearDATA COMPLY Automated Safeguards

Cloud Service 2

FOUNDATION | COMPLY | CUSTOMER SUCCESS | LOCATE I SERVICES

Customer Application

Developers

Cloud Service 1

Control 1

Control 2

Control 3

Control n

Control 1

Control 2

Control 3

Control n

1ClearDATA interprets the standards &certifications and crafts automatedsafeguards which protect our customers cloud services.

2

3

Customer application teams can provision services directly from cloud provider. ClearDATA Automated Safeguards check each service against specific controls and allow properly configured services to be deployed.

In the event that ClearDATA Automated Safeguards detect a problem at provisioning or in-flight, the service is either remediated, terminated, or it is never enabled.

Today, ClearDATA offers Automated Safeguards

for 32 Services with automation around 125 Technical Controls

www.cleardata.comProprietary & confidential

Compliance Dashboard

CUSTOMER SUBSCRIPTIONClearDATA AUTOMATION YOUR USERS

Users

Backups

Log Analytics Protection

Encryption

Azure Functions

Azure Policy

Networking

Event Grid

Azure Policy used to validate resource configuration When the resource is created the

event is captured by Event Grid

Azure startup functions are triggered by Event Grid

Compliance configuration processes are initiated by the

Azure functions

Resource is registered in the ClearDATA Dashboard

User creates an Azure resource

If policy evaluation fails, deployment will not be allowed to

proceed


Automated Safeguards for Azure

Choose standardor regulation

Documented interpretation of adherence to regulations

Select your date range to view compliance status today or over a period of time

Download auditable proof with daily compliance and trend reports



Delivered Committed Forecasted

Q2 2019 Q3 2019 Q4 2019

Enhanced Continuous Compliance

with Automated Safeguard and

Compliance Reference Architecture

Updates

• Azure Functions

• Azure Machine Learning

• Azure Data Factory

• Azure Data Lake Storage

• Azure Databricks

• Azure Event Hubs

• SQL Data Warehouse

• Azure Event Grid

• Azure API for FHIR

• Microsoft Azure Portal

• Azure DNS

Automated Safeguards and

Compliance Dashboard expansion

• Azure Functions

• Azure Machine Learning

• Azure Data Factory

• Azure Data Lake Storage

• Azure Databricks

• Azure Event Hubs

• SQL Data Warehouse

Azure Kubernetes Service

Integration

• Automated enforcement of strict

security controls when deploying

Azure Kubernetes

Automated Safeguards and

Compliance Dashboard expansion

• Visibility of current and historical

attainment of compliance

objectives relative to HIPAA, GDPR,

and other compliance regimes

• Azure Container Registry

• Azure Key Vault

• Azure ML Workspace

• Azure Analysis Services

• Azure Disk Storage

• Azure Monitor

• Application Gateway

• Load Balancer

• Log Analytics

Compliance event alerting

Managed SSL VPN


Case Study - HumanaCompany Description: Humana Inc. is a for-profit American health insurance company based in Louisville, Kentucky. As of

2014 Humana had over 13 million customers in the U.S., reported a 2013 revenue of US$41.3

billion, and had 51,600 employees. In 2018, the company ranked 56 on the Fortune 500 list, which

made it the highest ranked company based in Kentucky. It has been the third largest health

insurance in the nation.

Why ClearDATA: Humana achieved trifecta status by adding Azure resources to those already managed for AWS and

GCP. Humana decided to pivot their Digital Health and Analytics [DH&A] platform to Azure. Our

Azure product team was likewise able to pivot and align sprint objects to achieve 13 safeguards for

Azure services by the end of May, which illustrated our agile capacity and acceleration in the market

Sales Engagement and Process

Our Partnership will provide:

• Deep healthcare industry and

compliance requirement expertise

• Alignment with mutual prospects with

winning strategy (i.e. Account mapping and

field engagement)

• Leveraging our joint value proposition to

tag team/co-sell more opportunities

• Accelerate and close more deals!

ClearDATA Point of Contacts:

Theresa Martin| Channel & Alliances | [email protected]

Prince Lal |VP Channel | [email protected]

ClearDATAPartner

Advantage

Identify Prospects

Contact ClearDATA

Partner Team

Joint Intro Call and/or

Customer Visit

Joint Value Proposition

Solution

Win Customers!

+

mailto:[email protected]

ClearDATA = Microsoft Partner of Choice for PHI Applications · SECURE •HEALTHCARE •CLOUD...

Documents

Transcript of ClearDATA = Microsoft Partner of Choice for PHI Applications · SECURE •HEALTHCARE •CLOUD...