RapidFire Tools has shipped a new solution designed to help MSPs provide compliance management services to customers subject to the federal government’s HIPAA regulation.
Called Audit Guru for HIPAA, the system is the second module in the Atlanta-based vendor’s Audit Guru compliance process automation platform. The first, named Audit Guru for GDPR and released last March, assists in the delivery of compliance-as-a-service offerings to customers bound by the European Union’s General Data Protection Regulation.
According to RapidFire Tools, Audit Guru for HIPAA arms MSPs and their clients to meet all aspects of the HIPAA law’s complex and wide-ranging requirements more efficiently. The solution includes functionality for performing site assessments and risk analyses, tracking the location of protected patient data, ensuring that firewalls and other network devices are properly configured, and more.
It also automatically generates and archives all of the documentation that businesses must produce during HIPAA compliance audits, including “Policies and Procedures” and “Evidence of Compliance” reports. A web-based client access portal offers role-based views of those materials, including one specifically tailored to the needs of auditors conducting an inspection.
Once implemented, the system requires little oversight or administration, according to RapidFire Tools president Michael Mittel. “[It’s] a totally automated process that allows the MSP not only to sell compliance services but to support them cost effectively,” he says.
Channel pros who serve healthcare clients aren’t the only ones who can benefit from those capabilities, Mittel continues. Every MSP has at least one customer subject to HIPAA, he contends, and everyone subject to HIPAA needs help with compliance. Providers who can’t satisfy that need risks losing clients to those who can.
HIPAA compliance offerings are also a great way to attract new clients and differentiate yourself from competitors, Mittel adds, noting that they produce above-average margins as well. “It’s a niche market,” Mittel says, and often yields additional work fixing compliance-related deficiencies. Channel pros can use compliance services as a lead-in full-blown managed service contracts too.
Training and onboarding materials are available to help MSPs new to HIPAA learn how to sell and deliver compliance services. “We have a program that teaches the MSP how to position the product and show the value proposition to prospects and customers,” Mittel says.
Priced at about $6,000 a year, Audit Guru for HIPAA licenses cover an unlimited number of customers, provided they have 150 or fewer endpoints. Enterprise licenses are available for larger accounts.
Audit Guru for HIPAA is RapidFire Tools’ second HIPAA-related product. The first, an assessment module for the company’s Network Detective product, is primarily intended to help MSPs collect information for use in sales proposals. The new system, by contrast, helps MSPs keep clients in compliance with HIPAA requirements on an ongoing basis.
“I view them as complementary,” Mittel says of the two products.
MSPs who buy either the HIPAA or GDPR edition of Audit Guru can purchase the other version as an upgrade and manage it through the same interface. “They don’t have to learn a new product over and over again,” Mittel says.
IT management vendor Kaseya Ltd., which acquired RapidFire Tools for an undisclosed sum last year, plans to add Audit Guru’s new HIPAA functionality to Kaseya Compliance Manager. That product, which the two companies developed collaboratively and shipped last September, is an optional, directly embedded component of Kaseya’s VSA remote monitoring and management solution heavily based on Audit Guru. Mittel declined to specify when its new HIPAA capabilities will reach market.
“We’re working on it now, he says.
Support for regulations beyond GDPR and HIPAA are in development as well. Modules for complying with the PCI DSS regulation, the NIST and ISO 27001 cybersecurity standards, and cyber-insurance requirements are all on the roadmap for 2019, Mittel says, with additional editions to follow. “This is really a platform for an MSP to get into compliance in general,” Mittel says of Audit Guru.
Kaseya Compliance Manager will acquire any new capabilities Audit Guru does shortly afterwards, he adds.
Kaseya isn’t the only managed services software maker with an eye on compliance management. Continuum, for example, added HIPAA compliance support to its security portfolio last September.