Data Science in the HIPAA Compliant Cloud

There’s a pretty cool marriage of tech and health going on right now. You can see it on the “about” page of so many of the Rock Health portfolio companies. Often one of the founders has deep tech experience and another has domain expertise in health. Together, they’re rethinking healthcare. Andreessen Horowitz’s recent launch of their $200-million bio fund provides further support for this burgeoning corner of the startup world.

Moving quickly, testing, optimizing, and questioning status quo are just a few of the strategies startups bring to the healthcare space. But entering the space can be daunting. In a heavily regulated industry (hello, HIPAA!), folks must be ready to navigate regulations on top of building their solution and nailing a business model.

If the startup’s plan includes working with patient data in novel ways, they must first take measures to keep patients’ protected health information (PHI) secure. That means ensuring their product and development environment are HIPAA compliant.

But the challenges of HIPAA expand quickly when digital health companies look to bring cloud-based tools into their stack. If these third-party tools touch PHI, they, too, must be HIPAA compliant. This ends up limiting the tools that tech folks can bring with them as they jump into digital health. The things we all love about the cloud—the collaboration, asynchronous work, access from anywhere—aren’t a given.

Awhile back Mode decided to make our data analysis tools HIPAA compliant. It took us a couple of months to get the documentation together, configure things, and retool the product so that every customer could do data analysis in a HIPAA compliant infrastructure. There were challenges, but it turned out to be a lot more accessible than we anticipated. Other startups might really benefit from opening their tools to the world of digital health—the need is definitely there. And might all of our healthcare be better off if we do?

Earlier this week, we joined forces with Aptible and Rock Health to bring together data science folks to talk about the ways they’re drawing on their experience from traditional tech companies—and tackling regulations—to make big impacts in the realm of digital health. It’s pretty cool to see how folks are able to effectively use data after overcoming regulations.

Otis Anderson from Clover Health spoke about how Clover draws on A/B testing principles to improve health outcomes. In his presentation you’ll see what at first glance looks like a chart (made with Mode!) showing the effectiveness of any standard website signup flow A/B test. Upon further inspection, it’s the effectiveness of scheduling nurses’ in-home visits.

What’s a classic way to engage new customers and reduce churn? Email marketing. Ian Yamey from PolicyGenius wanted to use cloud-based email marketing tools without sharing PHI or their customer identities with third parties. In his presentation, he shared a workaround he developed in order to use best-of-breed email tools that would otherwise be off the table given their lack of HIPAA compliance.

Finally, Alex Baretta from Lumity showed how he modified the machine learning algorithm EigenDog to predict health conditions, healthcare costs, and more.

A huge thank you to everyone who attended the event. In doing so, we raised over $500 to donate to Watsi!

Looking for ways to learn more?