ClearDATA = Microsoft Partner of Choice for PHI Applications - - PowerPoint PPT Presentation
Accelerating Cloud Adoption in Healthcare ClearDATA = Microsoft Partner of Choice for PHI Applications Austin, TX (HQ) Phone: + 1 (833) 992-5327 Making healthcare better every single day. 101 West 6 th Street, Suite 310 Support: + 1 (602)
Making healthcare better every single day.
Austin, TX (HQ) 101 West 6th Street, Suite 310 Austin, TX 78701, United States Phone: + 1 (833) 992-5327 Support: + 1 (602) 635-4004 Web: www.cleardata.com
2
Proprietary & Confidential
SECURE • HEALTHCARE • CLOUD
ClearDATA
www.cleardata.com Proprietary & Confidential
ClearDATA is the nation’s only healthcare-exclusive cloud computing company. As the healthcare market leader, ClearDATA products and services are positioned to solve the three fundamental changes facing Healthcare IT:
ClearDATA is headquartered in Austin with national coverage Founded: 2009 Solution Areas: Security & Compliance, GDPR Practice Key Verticals: Healthcare Payer | Healthcare Providers |Healthcare Pharma/Life Sciences |Healthcare SaaS Companies |Biotech Target Client Base: Enterprise, Mid-Market, and Startups
Our Expertise
We've Earned the Trust of Clients Across Healthcare & Life Sciences
At-Scale Analytics/ Genomics Core Collaboration M&A Integration IT Transformation Modernization Consumer Mobile Data Center Extension Next Gen B-Up/DR Unify Test & Production
To Help Them Build Innovative Applications in the Cloud in a Secure & Compliant Manner
PROVIDERS LIFE SCIENCES HEALTHCARE TECHNOLOGY PAYERS www.cleardata.com Proprietary & Confidential
5
Proprietary & Confidential
SECURE • HEALTHCARE • CLOUD
DEMONSTRATE
Continuous compliance monitoring, alerting, visualizing
REMEDIATE
Privacy, Security, Compliance automated evaluation & remediation Accelerate cloud adoption
ACCELERATE AUTOMATE INNOVATE
Eliminate manual, fragile processes, automate cloud, security & compliance Digital Transformation allows enterprises to be modern and agile – unlocking innovation
www.cleardata.com Proprietary & Confidential Common Misconceptions
Common Audience
CIO are a core audience
CISO, Info Sec, Compliance, Regulatory Office
We tend to work in multiple areas of the Business. VP , Dir Applications, Data, Innovation, etc..
VP IT
ClearDATA Accelerates Azure Consumption
For Healthcare
PHI Applications REQUIRE Enhanced Protection and Compliance
ClearDATA are the Experts
When you hear PHI, bring in ClearDATA
Accelerate your Sales Cycle
www.cleardata.com Proprietary & Confidential How We Can Help
8
Proprietary & Confidential
SECURE • HEALTHCARE • CLOUD
App 1 (no PHI) MS HCLC Customer
Risk & Compliance App Dev IT Ops
Legal CSA
Fast, Simple Execution
✓ Simple Contracts ✓ Risk & Compliance ✓ IT Execution
9
Proprietary & Confidential
SECURE • HEALTHCARE • CLOUD
App 1 (no PHI) MS HCLC Customer
Risk & Compliance App Dev IT Ops
App 2
Legal CSA
Fast, Simple Execution
Risk & Compliance
Comprehensive BAA
Legal App Dev & IT Ops
HIPAA Compliance
PHI PHI
App 2 Extended contracting, Risk & Compliance Delays, Slower MS Consumption
Customer Functional View Slower MS Adoption Go Live
10
Proprietary & Confidential
SECURE • HEALTHCARE • CLOUD
App 1 (no PHI) MS HCLC Customer
Risk & Compliance App Dev IT Ops
Legal CSA
Fast, Simple Execution
Risk & Compliance
ClearDATA Comprehensive BAA
Legal App Dev & IT Ops
ClearDATA HIPAA Compliance Framework Fast Contracting, CD Compliance Framework, Accelerated Azure Consumption
✓ Faster time to Value ✓ Reduced risk ✓ Accelerated MS Consumption Customer Functional View Faster MS Adoption = $$$$$
App 2
PHI
App 5
PHI
App 3
PHI
App 4
PHI
Go Live Go Live Go Live Go Live
11
Proprietary & Confidential
SECURE • HEALTHCARE • CLOUD
The Johns Hopkins ACG accepts data set from external partners and runs analytics routines storing the results in Azure SQL. This is accomplished utilizing Azure Automation, Functions, and VM
and keeping this solution compliant in accordance to HIPAA regulations on a HITRUST certified
components like our dashboard to help support ACG's regulatory compliance posture in Azure. Status: They are in the process of reviewing BAA between ClearDATA and Johns Hopkins at this time. Partnering: AE/ClearDATA Channel Manager logged the opportunity in MS PSX. We then connected with the Microsoft SAE covering the account. The SAE opened this up the larger Microsoft team for joint growth strategy as client now expects to consume larger ACR. Microsoft/ClearDATA meeting to broaden our reach within Johns Hopkins together. USE CASE
Customer Data Platform Applications Identity & Access Mgmt Operating Systems, Network & Firewall Configurations Client-side Data Encryption Server-side Data Encryption Network Traffic Protection Foundation Services Global Infrastructure Availability Zones Regions Edge Locations
— —
Automation, HC Reg. Compliant Management Platform
— —
ClearDATA Platform
— ✓ — — — ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ — — —
Compute, Storage, Database, Networking
✓ ✓ ✓ ✓
The Cloud
www.cleardata.com Proprietary & Confidential Platform | Comply | Services | BAA | Locate | Professional Services
Comprehensive BAA
13
Proprietary & Confidential
SECURE • HEALTHCARE • CLOUD
1. ClearDATA is MS Reseller 2. ClearDATA Fees as % of MS Spend
managed service 24x7 operational support
3. MS Sellers – Same Compensation
Key Elements Key Benefits
www.cleardata.com Proprietary & Confidential How Can We Help
Driving Deals Forward
Identify Opportunities in Accounts
We understand healthcare and can identify
Help customers gain overall value in Microsoft Investment
By removing many of the security complexities Healthcare organizations are facing, we help drive the adoption cycle for your customers not just on Azure but on other workloads
Onboarding Net New
Removing the delay and security challenges on the front end, enable faster adoption for your
many other vendors.
Providing the Insurance Layer
Simply stated, when Healthcare then, ClearDATA.
www.cleardata.com Proprietary & Confidential Common Misconceptions
Potential Microsoft Seller Concerns
The opposite is true. ClearDATA will accelerate your cycle by meeting your customer’s legal, risk & compliance and developer requirements.
ClearDATA will slow down my sales cycle
HIPAA, GxP , GDPR security and compliance requirements are not optional. ClearDATA is focused on this problem and brings a comprehensive framework likely for less than your customer’s could achieve on their own – DIY approach.
ClearDATA adds costs and make me uncompetitive
Yes they can, but just because it’s covered doesn’t mean it’s automatically compliant—there are still things that must be done. Plus, how long will it take you to negotiate a much more stringent BAA? Can your customer satisfy their internal risk and compliance teams?
MS has HIPAA certified services...can’t my customer do it themselves?
We are multi cloud but agnostic to our customers. We always adhere to the “Rules of Engagement” If we or you bring us in an account or we work together, we are not going to recommend or pull another provider in.
ClearDATA is aligned with other Cloud Providers.
16
Proprietary & Confidential
SECURE • HEALTHCARE • CLOUD
“I need to keep PHI safe and secure in Azure” “I need to be HIPAA Compliant” “I’m moving PHI to the cloud but, I’m not sure where to begin and how to sustain” “I need to be compliant against GDPR, GxP , NIST, CIS, …”
✓Accelerate your cycle ✓Ensure your customer’s applications are secure and compliant ✓Drive Azure Consumption ✓Enable Net New Deals
If your customer mentions… …then
Professional Services
Rich catalog of services for consulting, education and assessment.
Comply
Allows you to innovate safely with Automated Safeguards, remediation and real time compliance dashboards.
Locate
A purpose-built, innovative solution that enables healthcare-aware dynamic tracing of patient data.
BAA AND HITRUST PROTECTION
The ClearDATA Platform
Healthcare Managed Services
Tiered set of managed services that go beyond automated safeguards to ensure that you remain secure and compliant.
HEALTHCARE EXCLUSIVE
www.cleardata.com Proprietary & Confidential Foundation
Foundational services designed to demonstrate a culture of continuous compliance with purpose defined user roles and role based access controls, billing/usage reports and rich knowledge management.
Platform | Comply | Services | BAA | Locate | Professional Services
ClearDATA Professional Services
IMPLEMENTING, OPERATING, OPTIMIZING
CAMP: Cloud Assessment and Migration Planning
GETTING STARTED PROTECTING & SECURING
Cloud Security and Compliance Best Practices IT Organization Cloud Readiness International Data Locality Planning HITRUST Inheritance Cloud Design Solution Architecture Design DevOps Training CI/CD Pipeline Cloud Build Cloud Consumption and Cost Optimization Firewall Management GDPR Assessment Life Sciences Supply Chain Resiliency Security Risk Assessment (SRA) Breach Simulation Pen Tests Data Life Cycle Mapping and Analysis Privacy Impact Assessments (PIA) User Interface Compliance Reviews www.cleardata.com Proprietary & Confidential Platform | Comply | Services | BAA | Locate | Professional Services
ClearDATA Comply
Healthcare Managed Services
Intrusion Detection Vulnerability Identification/Remediation Hardening/Patching
Services: A team of experts managing your environment to ensure strong compliance and security posture at all times
Tech Stack
Automated Safeguards Event Logging and Backups Compliance Dashboard
Services with automation with 135+ technical controls: Data backup Encryption at rest Encryption in transit IAM & Networking Restrictions Audit Logging Log Backups
Ticketing Billing RBAC/User Management
Foundation: Raising tickets Monthly billing and invoicing Basic user and RBAC engagement
Customer Stakeholders
DevOps Manager Cloud Architect Application Developers CISO
Direct access or through leading orchestration tools Provable compliance posture of all cloud services, mapped to regulations ClearDATA Comply Platform safeguards PHI applications to enable customer innovation
www.cleardata.com Proprietary & Confidential
Customer Cloud Environment
Platform | Comply | Services | BAA | Locate | Professional Services
ClearDATA Layer Regulatory Standards & Certifications
GDPR GXP NIST ISO 27001 HIPAA
ClearDATA AUTOMATED SAFEGUARDS (CONTROLS)
Bucket ACL Service Bucket Policy Status Static Web Hosting Status Versioning Enabled Log Monitoring Status Defense Encryption Secure Transport HIPAA (Standard) HIPAA Security Rule GDPR (Standard) GDPR Article HITRUST (Certification) HITRUST Control ISO 27001 (Certification) ISO 27001 Annex A Guidelines
ClearDATA COMPLY Automated Safeguards
Cloud Service 2
FOUNDATION | COMPLY | CUSTOMER SUCCESS | LOCATE I SERVICES
Customer Application Developers
Cloud Service 1
Control 1 Control 2 Control 3 Control n Control 1 Control 2 Control 3 Control n
1
ClearDATA interprets the standards & certifications and crafts automated safeguards which protect our customers cloud services.
2 3
Customer application teams can provision services directly from cloud provider. ClearDATA Automated Safeguards check each service against specific controls and allow properly configured services to be deployed. In the event that ClearDATA Automated Safeguards detect a problem at provisioning or in-flight, the service is either remediated, terminated, or it is never enabled. Today, ClearDATA offers Automated Safeguards for 32 Services with automation around 125
Technical Controls www.cleardata.com Proprietary & confidential
Compliance Dashboard CUSTOMER SUBSCRIPTION ClearDATA AUTOMATION YOUR USERS Users Backups Log Analytics Protection Encryption Azure Functions Azure Policy Networking Event Grid
Azure Policy used to validate resource configuration When the resource is created the event is captured by Event Grid Azure startup functions are triggered by Event Grid Compliance configuration processes are initiated by the Azure functions Resource is registered in the ClearDATA Dashboard User creates an Azure resource If policy evaluation fails, deployment will not be allowed to proceed
www.cleardata.com Proprietary & Confidential
Automated Safeguards for Azure
Choose standard
Documented interpretation of adherence to regulations Select your date range to view compliance status today or over a period of time Download auditable proof with daily compliance and trend reports
www.cleardata.com Proprietary & Confidential Platform | Comply | Services | BAA | Locate | Professional Services
Delivered Committed Forecasted
Enhanced Continuous Compliance with Automated Safeguard and Compliance Reference Architecture Updates
Automated Safeguards and Compliance Dashboard expansion
Azure Kubernetes Service Integration
security controls when deploying Azure Kubernetes Automated Safeguards and Compliance Dashboard expansion
attainment of compliance
and other compliance regimes
Compliance event alerting Managed SSL VPN
www.cleardata.com Proprietary & Confidential
Humana Inc. is a for-profit American health insurance company based in Louisville, Kentucky. As of 2014 Humana had over 13 million customers in the U.S., reported a 2013 revenue of US$41.3 billion, and had 51,600 employees. In 2018, the company ranked 56 on the Fortune 500 list, which made it the highest ranked company based in Kentucky. It has been the third largest health insurance in the nation.
Humana achieved trifecta status by adding Azure resources to those already managed for AWS and GCP . Humana decided to pivot their Digital Health and Analytics [DH&A] platform to Azure. Our Azure product team was likewise able to pivot and align sprint objects to achieve 13 safeguards for Azure services by the end of May, which illustrated our agile capacity and acceleration in the market
Our Partnership will provide:
compliance requirement expertise
winning strategy (i.e. Account mapping and field engagement)
tag team/co-sell more opportunities
ClearDATA Point of Contacts: Theresa Martin| Channel & Alliances | theresa.martin@cleardata.com Prince Lal |VP Channel | Prince.Lal@cleardata.com
ClearDATA Partner Advantage Identify Prospects Contact ClearDATA Partner Team Joint Intro Call and/or Customer Visit Joint Value Proposition Solution Win Customers!