Executive Summary
Machinify works with ClearDATA, an AWS Level 1 MSSP Partner, ClearDATA, to automate and streamline HIPAA and HITRUST compliance, give healthcare payers peace of mind that their data is protected, accelerate compliance reviews, and help insurers transform their operations.
Seeking to Streamline HIPAA and HITRUST Compliance
Machinify was founded to develop artificial intelligence (AI) software to support the core operations of health insurance providers (payers). An early focus of the company was payment integrity or assisting payers in processing hundreds of millions of claims with a higher degree of accuracy. “The health insurance industry is constantly evolving, with many enterprise customers increasingly underwriting their own medical benefits. This leaves the payers to provide all the administrative services for commercial healthcare plans, and they are looking for new digital approaches to drive operational efficiency” says Paul O’Farrell, Chief Strategy Officer for Machinify. A provider of payment integrity and other payer software solutions, Machinify applies AI to all aspects of the claims audit process. “Our customers use our platform to ingest large volumes of claims data, analyze that data, and build machine learning models on top of it,” says O’Farrell. “They can then use those models to audit claims and discover incorrect payments or overpayments.”
A cloud-native company, Machinify has run its platform on Amazon Web Services (AWS) from day one. As Machinify’s solution evolved to help transform and modernize healthcare payer operations, the company needed to find a way to easily achieve compliance with HIPAA and HITRUST certification requirements. “We wanted to automate compliance, so we wouldn’t have to spend a lot of time and money building our own compliance solutions,” O’Farrell says. “We want our developers focused on building new features and applications, not maintaining a compliance system.”
Implementing ClearDATA’s CyberHealth Platform for Compliance on AWS
To address its security and compliance requirements, Machinify reached out to ClearDATA. ClearDATA offers an AWS-based solution that enables customers to consume native AWS services and accelerate application development while automating compliance. David Levinger, Head of Operations for Machinify, says, “ClearDATA makes it easy to use the same AWS services we’re familiar with, but inside a HIPAA- and HITRUST-compliant environment.”
Machinify leveraged ClearDATA’s compliance safeguards from the start. The safeguards check each action against specific controls and ensure that properly configured services are deployed. When a safeguard detects a compliance issue, the resource is either automatically remediated or terminated.
ClearDATA’s CyberHealth Platform, which runs with the Machinify AWS account, uses events generated by AWS Config and Amazon CloudWatch to trigger an evaluation of AWS configurations. “When there are compliance issues detected, our remediation software is automatically triggered,” says Conor Colgan, Product Manager for ClearDATA. For example, if an Amazon Simple Storage Service (Amazon S3) bucket is created, a ClearDATA evaluation and remediation function is executed. “Our software evaluates a series of technical controls such as whether encryption at rest is enabled or public access is not set,” Colgan says. “This all happens through event-driven automation on AWS. Each control is evaluated to see if it is compliant, and it is automatically remediated if necessary.” The Machinify operations team also uses dashboards in the CyberHealth Platform to gain real-time visibility into compliance status.
Adding to the multitude of benefits Machinify has experienced through ClearDATA’s CyberHealth Platform, the company has also gained significant advantages by employing ClearDATA as their AWS Managed Security Service Provider (MSSP). ClearDATA, being an AWS Level 1 MSSP Partner, is recognized for its excellence in providing essential Managed Security Services that align with AWS’s high standards for security, threat detection, and incident response.
ClearDATA’s MSSP solutions offer a comprehensive and proactive approach to data security. By leveraging AWS’s robust and scalable infrastructure, ClearDATA is able to provide continuous security monitoring, threat detection, and automated compliance safeguards, enhancing the security posture of Machinify. Furthermore, ClearDATA’s MSSP solutions deliver clear, actionable insights into potential vulnerabilities and provide instant remediation capabilities.
The AWS MSSP initiative helps Machinify uphold its core commitment to data integrity and reliability by assuring customers that their sensitive data is handled with the utmost care and protection. The MSSP’s robust security measures are instrumental in maintaining the trust of healthcare providers and patients alike, substantiating Machinify’s standing as a reliable partner in the healthcare sector. AWS MSSP extensively contributes to Machinify’s goal of creating a secure and compliant environment for its users.
By utilizing ClearDATA’s CyberHealth Platform on AWS, Machinify has been able to streamline and automate its compliance efforts, providing customers with a secure and compliant environment. With the strong support of ClearDATA’s MSSP solutions, Machinify is able to safeguard sensitive data while focusing on developing innovative AI-based solutions for the healthcare industry. This partnership between Machinify and ClearDATA is a prime example of how AWS technology, coupled with expert managed service providers, can benefit organizations by helping them achieve their compliance goals while enabling them to focus on their core business objectives.
Machinify has used the CyberHealth Platform with ClearDATA Managed Services to keep a safe, compliant environment for its customers—an environment consisting of payers, providers, and healthcare life sciences organizations that rely on ClearDATA’s expertise in the realm of Protected Health Information (PHI), HIPAA, ISO, and General Data Protection Regulation (GDPR) requirements.
“The doors to many of our business opportunities wouldn’t be open if we couldn’t articulate a high level of certainty around security and compliance. We can demonstrate that certainty by running ClearDATA on AWS.”
– Paul O’Farrell, Chief Strategy Officer, Machinify
Instilling Customer Confidence by Automating Compliance
Working with ClearDATA, Machinify can confidently demonstrate to payers that its applications are secure and compliant. “Security and data integrity are essential for our customers, and we can give them peace of mind by using ClearDATA’s CyberHealth Platform on AWS,” says O’Farrell. “The automated safeguards that ClearDATA has in place ensure that we are not in violation of HIPAA and HITRUST requirements. If there are issues, ClearDATA follows up with us immediately and remediates the problem.”
Ensuring compliance is especially important for Machinify because HIPAA rules require the company to be authorized as a business associate before working with a new customer. “We can’t access customer data until that authorization is complete,” O’Farrell says. “By demonstrating that our application is compliant, we can start working with new customers right away and begin looking at their historical data and outcomes to help them find areas of overpayment or inaccuracy. In many cases, this means they can save tens of millions of dollars.”
Accelerating the Security Review Process
Machinify can more quickly pass stringent security and compliance reviews by taking advantage of the automation of ClearDATA Comply. “By leveraging what ClearDATA has already built into its software, we are able to pass security reviews faster,” says O’Farrell. “Because ClearDATA is HITRUST-certified, HIPAA-compliant, and automated, it allows us to compress the information security review time and streamline the entire process, so we can accelerate our business growth by onboarding new customers faster.”
Helping Insurers Transform Operations
By relying on ClearDATA’s CyberHealth Platform, Machinify can focus more of its time and resources helping its customers. “We don’t have to spend engineering cycles and money building our own automated compliance solution,” says O’Farrell. “Instead, we can focus entirely on what we do best: helping healthcare insurers and payers transform their operations and drive efficiencies using AI.”
By putting more resources into development, Machinify will be able to expand its business. “The doors to many of our business opportunities wouldn’t be open if we couldn’t articulate a high level of certainty around security and compliance,” says O’Farrell. “We can demonstrate that certainty by running ClearDATA on AWS.”
