In an effort to streamline reimbursement for healthcare providers, a New York City-based billing infrastructure startup has created one of the first publicly accessible healthcare application program interfaces.
"Historically, the heavily regulated healthcare industry has suffered from low data accessibility," says Katelyn Gleason, CEO and founder of Eligible. "Technologies are not able to operate nearly as quickly or effectively due to the restrictions placed on healthcare data."
Ms. Gleason recently spoke with Becker's Hospital Review about the challenges and opportunities that come with implementing new technology in the healthcare space.
Note: Responses have been lightly edited for length and clarity.
Question: What challenges do companies developing applications related to patients, insurance and billing face when deploying their models into the healthcare sector?
Katelyn Gleason: At the surface, we face the same challenges day-to-day that all infrastructure companies face — availability, scaling, disaster recovery and other foundational concerns — but that's pretty much where the similarities end. The regulatory challenges of the healthcare industry carry a uniquely heavy burden, and for good reason. Any company that wishes to take these regulations seriously has to bake it into the core of who they are and how they operate.
Q: What do you see as a key area for growth in data security for healthcare?
KG: I think there's room to expand the industry's understanding of what data security actually looks like in practice. While HIPAA provides ground rules, it really doesn't offer a more in-depth approach to accomplishing what's expected. Organizations like HITRUST and EHNAC provide certifications that ensure certain standards are met, but healthcare is still lacking a true, single set of guidelines like other industries. Even basic questions like, "Is this considered PHI?" is a constant struggle.
Security can be difficult to navigate and justify, and not having an industry standard and accepted way to attest that your company is meeting those expectations makes it much harder.
Q: What advice do you have for other health IT companies working to ensure data security and compliance?
KG: Focus on the basics. Build a good foundation that you can control and design for visibility and auditability. Too often people chase exciting, but unrealistic, security issues hyped up by the media. Once you have great fundamentals, then and only then should you chase the more extreme but unlikely scenarios. The basics may not be as interesting, but it's a breakdown of fundamental security structures that are at the root of the most well-known data breaches.
I have high hopes and expectations for healthcare technology. Some really incredible breakthroughs are either already here or just around the corner. Over the last couple of years, more and more healthcare-focused startups have entered the space and are starting to shake things up. It reminds me of the financial tech startup boom from a few years back and how they collectively influenced an industry for the better. I think the healthcare world is ready for change and I am happy to see that new ideas and technologies are poised to make that happen.