Aptible Keeps Able Health HIPAA Compliant and Poised for Strong Growth

Able Health is a healthcare IT company that helps providers earn incentive payments for the quality of their care. They chose Aptible to ensure HIPAA compliance and meet the highest standards for security and privacy for their customers.

Able Health cofounder and president Steve Daniels oversees all product and customer operations at a company that built its business around private health information. The platform imports patient data from customer systems and calculates hundreds of indicators related to care quality and patient outcomes, leaving no room for error when it comes to security.  

Knowing the importance of privacy in the healthcare industry, Daniels adopted Aptible to create a strong Security Management program. After comparing a handful of vendors, he decided on Aptible Comply to put compliant policies in place. To ensure the company deploys their solution on Aptible, Aptible’s infrastructure has built-in security controls to meet even the most demanding regulations.

Replacing Disparate Documents

Before using Aptible, Daniels and his team had to manually assemble policies and procedures on security and privacy. Unfortunately, these documents were mostly pieced together from disparate sources and consultants. They weren’t representative of what Able wanted to accomplish—they were designed for larger organizations, referencing roles that didn’t even exist in the company.

“Our team couldn’t relate to what we had pieced together. We needed something that was tailored to us.”

Once Daniels adopted Comply for Able’s Security Management program, he was able to customize each policy for the roles and technology that existed at his company. It was easy for everyone to understand what they needed to do to support security and privacy initiatives, which led to complete buy-in from everyone on the team.

Transparency in a Highly Regulated Industry

Aptible gives Able employees a clear view into how policy translates into everyday workflows. Comply provides a framework for implementing HIPAA-compliant security practices, including a detailed information hierarchy that Daniels used to map responsibilities to specific roles in his company. This clear direction allows everyone at Able to consider security as part of their job. “More than ever people are aware of the policies and procedures that affect them,” says Daniels. “It’s far more of a team effort than it used to be.”

Customizing Aptible for Maximum Accountability

Aptible helped Able customize processes, procedures, and documentation for their company—the size, the roles they hired for, and the requirements that help them win new customers. Comply lets them assign leads for each area of responsibility, clearly delineating between them. Daniels uses Aptible’s dashboard to review what actions are needed to stay compliant with their policies.

When it comes to deployment, Able can rely on Aptible automatically implement HIPAA-compliant security controls. They then configure the platform to meet additional requirements that are unique to their security management system. If they decide to pursue additional certifications, they can add configurations without putting existing protocols at risk.

“The service we get with Aptible is just outstanding.”

Daniels recommends Aptible on a regular basis, touting it as the best security and compliance tool on the market by far. He places a huge value on knowing Able Health is compliant at all times so the team can focus on other important initiatives.   

As a company that built its reputation on private health data, Able has created a culture of security throughout the development lifecycle. They’ve adopted some of the best technology in authentication, device management, vulnerability scanning, intrusion detection, and more. Aptible helps them tie it all together.