As a provider of innovative AI-based solutions for X-ray analysis and treatment recommendations, Velmeni aims to help its customers transform their dental practice. However, it is a given in the healthcare industry that customers expect their vendors to be HIPAA-compliant.
Without this, Velmeni could not hope to quickly build the level of trust required to win the confidence of prospective customers.
Velmeni selected Akitra as its compliance automation partner, seeking both a system to speed its path to compliance and also to gain access to expert guidance. The company’s first challenge was to adopt the set of policies and controls that form the heart of HIPAA compliance. “Akitra not only helped us with creating a complete set of required policies, but also gave us a basic education about how policies and controls play with the specific needs of our company and of this industry”, said Mini Suri. “HIPAA was a new area for us, and they brought us up to speed far more quickly than we could have done on our own.”
Using the Akitra platform’s integrations with cloud services such as AWS as well as Akitra’s Shield software module for endpoint monitoring, Velmeni was able to automatically collect HIPAA compliance evidence and quickly detect any gaps to be remedied. “It would have been very resource-intensive and time-consuming as well as downright tedious if we had to collect all this data manually. Instead, we had Akitra’s compliance automation doing it automatically for us, 24 by 7”, noted Mini.
1. Originally expected to take 6-8 months, Velmeni successfully completed its HIPAA audit in just over three months, using Akitra’s automation.
2. “Having external validation for our HIPAA compliance once we passed our audit has definitely helped shorten our sales cycle in closing business with dental practices”, Mini explained. “Overall, it helps build trust and credibility not only with customers but with partners and with government regulators as well.”
3. As part of its growth strategy, Velmeni plans to obtain compliance certifications for other compliance frameworks beyond HIPAA, such as SOC 2 and HITRUST for the North American market, and GDPR and ISO 27001 for international markets.