A 5-year customer journey reveals the true ROI of automated compliance management
When Ajenay Drummond joined EMS|MC in 2007, the company’s approach to compliance was like most healthcare organizations of the time: manual processes, Excel spreadsheets, and annual reminders that something needed to be done. Fast-forward to today, as the Director of Compliance, and after five years with Compliancy Group’s Guard platform, EMS|MC has transformed from reactive compliance management to proactive risk mitigation.
When Ajenay Drummond joined EMS|MC in 2007, the company’s approach to compliance was like most healthcare organizations of the time: manual processes, Excel spreadsheets, and annual reminders that something needed to be done. Fast-forward to today, as the Director of Compliance, and after five years with Compliancy Group’s Guard platform, EMS|MC has transformed from reactive compliance management to proactive risk mitigation.
“Before Compliancy Group, had a lot of manual processes,” explains Drummond. “We had a lot of Excel spreadsheets, a lot of ‘hey, we do this on an annual basis’ or ‘we know we’re supposed to do XYZ.’ It was slightly less defined than it is now.”
The Challenge: Manual Processes Don’t Scale
Like many healthcare organizations, EMS|MC had a solid compliance foundation, but their manual approach created several challenges:
- Time-intensive risk assessments that diverted resources from core operations
- Lack of systematic reminders for critical compliance tasks
- Limited visibility across departments and locations during integrations
- Low visibility into vendor management processes
- Manual tracking compliance progress across multiple programs
The Solution: Comprehensive Automation with The Guard
EMS|MC implemented Compliancy Group’s Guard platform, utilizing multiple compliance programs including:
- HIPAA compliance
- Data security assessments
- Physical safeguards
- Privacy and breach management
The platform’s comprehensive dashboard and automated workflows immediately began transforming their compliance operations.
Transforming Risk Assessments: From Painful to Powerful
One of the most significant improvements came in risk assessment management. “The types of questions that you all ask are very relevant to our industry,” notes Drummond. “They’re very pointed to the privacy rule, to HIPAA, the regulations that are going on, the security aspect of things.”
The Guard’s streamlined approach offers three key advantages:
- Industry-Specific Questions: Pre-built assessments tailored to healthcare regulations ensure nothing falls through the cracks.
- Simple Three-Option Framework: Each assessment item can be marked as “meeting,” “not meeting,” or “partially meeting” requirements, with space for improvement notes.
- Cross-Departmental Visibility: “It’s not just a compliance thing. It’s a compliance and IT and operational thing,” Drummond explains. “We are actively working together to make sure that we’re meeting goals and if there’s gaps, there’s visibility.”
Vendor Management: From Reactive to Proactive
The vendor management capabilities have revolutionized EMS|MC’s approach to third-party relationships. The platform enables them to:
- Track business associate agreements (BAAs)
- Manage vendor communications
- Conduct vendor risk assessments
- Ensure proper contract management
“If the question should arise like ‘do we have a contract with such and such’ there’s a contract management section,” Drummond explains. “The team knows when we’re working with a vendor, what we have. And when we’re working with a new vendor, we’re going to tell them, you can expect a vendor audit from us.”
ROI That Speaks to Leadership
When asked about return on investment, Drummond points to tangible benefits that resonate with executives:
Risk Reduction: “You’re lowering your risk. You’re educating employees, you’re creating healthy habits that will eventually hopefully keep you out of the OCR’s radar.”
Integration Success: “This has been a very necessary part of our process because it allows visibility between different locations… we can clearly see any gaps in the process, whether it’s from a physical standpoint, an IT standpoint, a privacy standpoint.”
Time Savings: After the initial learning curve, compliance becomes routine. “By the third year, fourth year, you’re in the swing of things. Like this is routine. You built it into your process.”
The Evolution: From Overwhelming to Routine
Drummond is candid about the implementation journey: “The first year is rough because you’re asking all the hard questions, right? You’re having those uncomfortable conversations. You’re laying it all on the table. The second year feels a little bit more comfortable. But by the third year, fourth year, you’re in the swing of things.”
This evolution reflects a critical insight: effective compliance software doesn’t just automate tasks—it builds organizational habits and culture.
Support That Makes the Difference
Throughout the conversation, Drummond emphasizes the importance of customer support. “Compliancy Group is also from a support perspective very responsive. If I have questions or my team may have questions about anything in particular, I can chat, I can call, I can email, and get very quick responses.”
The Verdict: More Than Software, It’s a Partnership
When asked for advice to organizations considering The Guard, Drummond is clear: “I would tell them absolutely highly recommended, but I would also caution them to make sure that you have leaders or control owners of that process who are committed to the process.”
Her recommendation comes with an important caveat: success requires commitment. “Don’t worry about who’s on the call or what you should have done… we need you to say we’re either meeting or not. This is how we identify our gaps and then we’ll make a plan moving forward.”
For healthcare organizations still managing compliance through spreadsheets and manual processes, EMS|MC’s journey offers a clear roadmap: the right software platform, combined with organizational commitment, can transform compliance from a burden into a competitive advantage.
