How Redsson Built A Robust HIPAA Security Program

Learn how this healthtech company developed their HIPAA compliance program

Redsson – Productivity Software For Healthcare Providers

Redsson, a Toledo, Ohio based software and business solutions provider with offices in Denver, Colorado and Toledo, Ohio, offers a range of technical solutions for healthcare. One of their offerings is a service that helps health systems’ cancer registries find lost patients and maintain follow up communication with them. For Redsson, given the nature of the sensitive data that they handle means security and compliance is of paramount importance. The company also recognized the importance that their healthcare customers place on compliance and security.

Challenges

Issues with compliance visibility and managing HIPAA compliance

Prior to working with Dash Solutions, Redsson deployed their infrastructure across several different infrastructure providers, including separating their healthcare application with a separate hosting provider from some of their other business applications. Redsson also evaluated a proprietary cloud platform that provided security controls.

Despite the technical controls that the platform provided, Redsson still found themselves spending an inordinate amount of time responding to and satisfying security requirements for each prospective customer engagement.

Compliance Challenges

“Even once we moved to the proprietary HIPAA cloud, we still struggled with security questionnaires due to not having enough internal formal policies nor an understanding of how to handle the types of questions we received”

– Jacob Parsell, CTO

Setting Policies & Controls

The company lacked internal policies and a greater understanding of security program, making it difficult to assess and maintain compliance.

Security Questionnaires

The company struggled with security questionnaires and spent a lot of time answering security risk assessments (SRAs) required by clients.

Limited Cloud Services

The company was restricted to using proprietary cloud services with little flexibility, when using alternative proprietary cloud and on-premises solutions.

Solution

Redsson Developed A Robust HIPAA Security Program With Dash

Redsson chose to work with Dash ComplyOps for many reasons. They had a strong desire to reduce the time spent on security questionnaires, as well as a desire to consolidate their environment into Amazon Web Services (AWS) and utilize services such as Amazon S3 and Amazon EC2 Auto Scaling in a HIPAA compliant manner. In order to do so, they needed a solution which handled both the technical and administrative controls of HIPAA as well as a partner with experience assisting healthcare apps to deploy into the public cloud.

Installing and working with Dash empowered Redsson to utilize AWS and its best in class capabilities; Redsson was able to better respond to customer security questionnaires and saved thousands of dollars each month and hundreds of hours each year in the process.

Benefits Achieved With Dash

Redsson is one of many clients utilizing the Dash ComplyOps to achieve proficiency in HIPAA compliance. Dash enables healthcare companies and organizations to generate custom compliance policies and administrative controls. By saving organizations hundreds of hours of time on administrative processes, simplifying security and compliance assessments, Dash ComplyOps enables innovators to get to market faster.

“We were able to deploy to AWS, and Dash offered the technical monitoring and controls which allowed this to happen. We wrote and implemented solid policies that were actually enacted and enforced. Dash actually cared about all of our policies, even outside the scope of what Dash could monitor or connect into – such as things on the administrative levels.”

Jacob Parsell

CTO, Redsson

Build and Automate Your HIPAA Security Program

Learn how Dash makes it easy to develop your HIPAA compliance program and manage compliance within your organization