GYANT leverages a HITRUST readiness assessment to streamline its sales process.
GYANT is a virtual healthcare resource that specializes in using AI assistants to guide patients through their health journey. Serving as a “digital front door,” GYANT’s advanced technology creates a single entry point for patients, triaging symptoms and finding the right care at the right time.
GYANT’s services not only improve patient outcomes, but its virtual, on-demand features increase efficiency in the healthcare industry, allowing providers to focus on what they do best—providing care.
Because GYANT is a healthcare organization and required to have a thorough understanding of HIPAA regulations, their potential clients must undergo rigorous security reviews prior to beginning services. These reviews come in the form of extensive questionnaires issued by GYANT to their potential clients in order to determine the security and compliance posture of the organization. Once complete, GYANT’s team is responsible for answering individual comments provided by the potential client on the questionnaires. Considered a cybersecurity best practice, this process ensures adequate protection of sensitive customer data.
Efficiency is crucial to GYANT’s success, and the amount of time it takes to administer questionnaires, acquire answers, and respond to comments can result in losing clients prior to signing their contract. This affects pre-sales and overall client trust. GYANT realized it was important to improve the effectiveness of this process in order to win and retain clients and increase brand reputation. “Our hope is that with a HITRUST readiness assessment in hand, we can demonstrate the maturity of our organization and alleviate the amount of work it takes to answer security questionnaires,” said Kirill Kireyev, chief technology officer of GYANT.
Our questionnaires sometimes follow a particular template, other times they’re tailored to the organization’s unique structure. The more specific the questionnaire, the longer it takes to review. Through this process, it can be difficult to convey our true capabilities to potential clients.
GYANT previously worked with BARR Advisory to achieve its first SOC 2 report. Through the SOC 2 engagement, GYANT built trust in BARR, walking away inspired to pursue its HITRUST certification, starting with the readiness assessment. As a scaling organization, GYANT was looking for an audit partner who understands modern cloud controls and could address issues related to its specific needs. With success from their SOC 2 examination, BARR was GYANT’s first choice when selecting a HITRUST Authorized External Assessor.
“From our first encounter, BARR struck me as professional and organized as well as knowledgeable and easy to talk to. While it initially felt daunting to obtain a HITRUST certification, our engagement team at BARR assured us that the readiness assessment would be manageable, and they’ve walked us through each step of the process,” said Kireyev.
Within a two-month period, GYANT met once a week for a deep dive with their BARR engagement lead, who provided a detailed description of each control in an easy-to-read deliverable. Through leveraging their efficiencies, the BARR HITRUST team completed GYANT’s readiness assessment by analyzing the necessary controls, submitting evidence, discussing the results, and remediating when necessary.
Our engagement lead has been great at interpreting each of our controls and making them fit the technical profile of our organization. While some controls can be worded in a way that’s difficult to understand, BARR made it easy to interpret and truly understands the spirit of each control.
While the readiness assessment alleviated the time spent on answering security questionnaires, the biggest benefit GYANT experienced was a more advanced position as a healthcare resource. The process encouraged GYANT to complete the right training and secure its policies, creating a stronger security and compliance posture, and ultimately, driving business growth.
Equipped with a readiness assessment, GYANT will continue to achieve its HITRUST certification through BARR. Not only will this improve trust and increase sales, but a HITRUST certification differentiates GYANT among their competitors, conveying the validity of the organization to its healthcare clients. Now GYANT is ready to advance their services and improve efficiencies to reach their overall goal—to make people better.
BARR has an excellent perspective on HITRUST requirements. Throughout the readiness assessment process, our engagement lead took the time to understand GYANT’s posture as an organization and how to apply our controls to each unique situation.
