Why many healthcare providers don't trust MSPs

Posted by Manny Veiga on Apr 14, 2014 1:18:00 PM

Find me on:

Some MSPs would tell you trust is everything in the IT channel, and perhaps no sector presents a bigger challenge for services providers looking to earn customer trust than healthcare.trust

A recent report from the Ponemon Institute demonstrates just how big a hill providers must climb to earn their healthcare clients' trust. 

The Fourth Annual Benchmark Study on Patient Privacy and Data Security found that 40 percent of healthcare providers are "not confident" in the ability of their contractors and subcontractors to manage sensitive patient information.

An additional 33 percent of respondents were only "somewhat confident" that their business associates could handle this data.

InformationWeek HealthCare reported on the findings of the study. According to the report, healthcare providers were most skeptical of IT service providers, with 75 percent of respondents saying these partners post the biggest risk. 

Insurance professionals, pharmacy benefits managers, and data analysts were also some of the outsourced support service providers cited by healthcare professionals as being less-than-trustworthy of handling patient data.

Why the skepticism?

The report might be surprising to some, given that the HIPAA Final Omnibus Rule makes business associates just as liable to HIPAA violation penalties as any healthcare provider.

You might think that, knowing their IT service partners are on the hook for massive fines, healthcare providers might have confidence that those partners are doing everything they can to secure patient data.

But, according to Ponemon, that's simply not the case. Part of the reason may be that many MSPs aren't themselves confident in their ability to deliver HIPAA compliant services.

The InformationWeek report cited a September 2013 study from IT audit and compliance firm Coalfire, which revealed that 32 percent of business associates were unaware of their new responsibilities under the HIPAA Omnibus rule.

And that's certainly not an uncommon message to hear in the channel. It was a major reason why we developed our HIPAA Resource Center webpage and delivered several HIPAA webinars to help educate MSPs on these responsibilities. 

How do you gain your healthcare client's trust?

The Ponemon study's findings are enough to scare off any IT service provider thinking about the healthcare industry. If you're encountering a distrustful customer base, why bother working in healthcare at all?

But as a number of Intronis partners have proven, HIPAA compliance can be the foundation of major business growth and vertical credibility if you take the right approach. 

For example, Chris Johnson of Untangled Solutions drove 130 percent revenue growth by specializing in healthcare IT and reselling HIPAA compliant cloud backup. His no-compromise approach to compliant IT services puts him in the driver's seat and encourages client trust by positioning him as the healthcare compliance expert. Read more about Untangled Solutions' approach to selling healthcare IT.

Dan Edwards of Intronis partner Pact-One Solutions earns clients' trust by keeping himself up to speed on the latest HIPAA compliance regulations. He attends seminars and training, and shares his expertise with existing and potential customers at dental industry meetings and conferences.

These are just two examples of partners who, despite industry skepticism, are able to gain the trust of healthcare providers in need of compliant IT servies. And to their benefit, they've been able to turn what seems like an impossible challenge into a major MSP sales opportunity.

Topics: HIPAA and Healthcare IT