The best MSP software sells itself. Not only does offering a HIPAA service to your clients satisfy something they need, but HIPAA also highlights the need for the other tools in your stack. Tools such as endpoint security, RMM, penetration testing, password management, data backup, and disaster recovery are all justified by the requirements of the HIPAA regulations. By adding HIPAA compliance to your stack, you’re creating a value add for your clients while increasing your MRR.
Rigid Bits, a longtime Compliancy Group partner that has added HIPAA compliance to its offerings, spoke to us about its experience. By offering HIPAA compliance services through the Compliancy Group Partner Program, Rigid Bits increased its deal size by 10 – 20%. The ability to upsell with a product that not everyone else can deliver with the confidence that Compliancy Group can has helped them close more deals with HIPAA than they would have otherwise. By bundling HIPAA in with their other offerings, they increase their MRR with a service their clients would need to address regardless.
Did You Know That You Also Need to Be HIPAA Compliant?
As an MSP with healthcare clients, you are considered a HIPAA business associate. This is because you have the potential to view electronic protected health information (ePHI) through the services that you provide your clients. As a business associate, you have to meet many of the same requirements as your clients do.
To satisfy the law, you have to implement a HIPAA compliance program including:
- Conducting annual security risk assessments and remediating deficiencies uncovered by them
- Implementing HIPAA policies and procedures
- Conducting annual HIPAA training for all employees with the potential to access ePHI
- Signing business associate agreements with your healthcare clients and vendors that you use to service their accounts
- Creating an incident response plan to detect, respond to, and report breaches