Challenge

As Miiskin is based in Denmark, they were already GDPR compliant. However, they soon realized that they also needed to be HIPAA compliant, with more than 150,000 users in the United States. They began researching HIPAA, realizing that becoming HIPAA compliant was a complex process. When conducting research on how they could incorporate HIPAA compliance within their organization, they first looked at consultant firms, which were costly and required Miiskin to do a lot of the work on their own. Consulting firms would have cost them a minimum of $5,000 just for an initial assessment, not including follow up assessments, which would need to be conducted annually. They also would have had to complete all of the HIPAA required documentation without guidance.

Solution

Miiskin chose to work with Compliancy Group because the simplified compliance process required them to do little work on their own, as well as the cost-effectiveness of the solution. At first, however, Miiskin was skeptical that what seemed to be a complicated process, could be made so simple. By working with Compliancy Group, Miiskin was able to achieve HIPAA compliance by attending three meetings with their Compliance Coach, over a five week period, with only a couple of hours of work between meetings.

Benefits

Working with Compliancy Group to Achieve, Illustrate, and Maintain HIPAA compliance provided many benefits that other solutions lack.

Jon Friis, founder of Miiskin states, “Compliancy Group’s process was much simpler and quicker than I expected. As a SaaS provider, that doesn’t work with paper PHI, the process was further simplified. Their guided support gave me confidence in my compliance — especially as a European company, with no prior HIPAA knowledge. I couldn’t find anything about the process, or the materials, that I disliked.”

Simplified process. Miiskin was pleasantly surprised when they discovered that Compliancy Group’s implementation process was as simple as advertised. Miiskin was expecting to have to do a serious amount of work, but found that the process was quick and easy, requiring them to do little work on their own. As a SaaS provider, Miiskin has a very limited number of devices that can potentially access protected health information (PHI), with only one employee that has the potential to view PHI (which is never done during normal operations since the SaaS solution does not require manual work with PHI). However, they decided to train all of their staff so that they could instill a culture of compliance within their organization. They were also appreciative that their HIPAA compliance program was tailored to their organization. As a SaaS provider, they don’t work with paper PHI, and therefore did not require much of what other organizations would require.

Guided solution. A key component of Miiskin’s positive experience was their meetings with their Compliance Coach. The Coach was able to remove the complexities of HIPAA by guiding them through the HIPAA implementation process, and answering their questions along the way.

HIPAA compliance tracking. Miiskin’s management embraced Compliancy Group’s HIPAA compliance tracking software, the Guard. The Guard stores all of the documentation that Miiskin needs to prove their good faith effort towards HIPAA compliance, including audits, policies and procedures, and business associate agreements.

Cost-effective. They found that the cost of working with Compliancy Group is low in comparison to the complexities of HIPAA compliance. They went as far as to say that this is the best spending that they have done so far within the regulatory/compliance domain.

Confidence. Miiskin found that using the Guard for their HIPAA compliance gave them confidence in their compliance. All of their required documentation is stored in one convenient location, and it is easy to track their HIPAA compliance.