What does it take to set up a HIPAA compliant infrastructure?
When considering implementing HIPAA in my company, I'd like to know how much it would cost in terms of technology, resources and time.
Answers
It depends on your business/industry. Do you collect, maintain health information on behalf of your company or another company (health care provider or plan)? If not, HIPAA does not apply to you.
For AWS, it costs about $1500 a month minimum because you have to use dedicated EC2 instances. However, if you are already at the point of spending that much per month in EC2 instances anyway, it won't cost much more - it's just that that becomes the minimum cost even for a single EC2 server.
There are many AWS services that are not on the HIPAA/BAA approved list, so you'll have to take that into consideration.
By far the most expensive thing is the time it takes to train all your staff and put in place the appropriate administrative controls to ensure that data is safeguarded and patches are put in place.
It's not that expensive to be HIPAA compliant, and if you aren't HIPAA compliant you are likely doing a very bad job of security. I always advise folks to do a good enough job with security (encryption, backups, proper oversight) that everything is HIPAA compliant even if it doesn't have to be.
Also, ever since the 2013 omnibus rule, the HIPAA rules flow out to infrastructure providers even if their product seems to not be specifically about health data - if you have a customer that passes health data through your systems, you are on the hook. Even if your product is very generic like a helpdesk ticketing system.