MSPmentor Blog

Managed Services In Healthcare: Just What the Doctor Ordered

Managed Services Health CareLast month, I offered you four keys to ongoing managed services success -- regardless of the economy. With those previous thoughts in mind, let’s look at new client acquisition in healthcare -- which is a ripe opportunity for managed service providers. I'll even show you how to find leads for healthcare companies that are 10-99 employees in a 50-100 mile radius around your office.

All healthcare-related companies are affected by the Health Insurance Portability and Accountability Act (HIPAA) of 1996. The act:
  • Requires that patient data is protected from unauthorized access at all times
  • Requires that data be encrypted using 256-bit AES encryption
  • Requires data backup plan, DR plan and emergency mode operation plan- which involves date be stored offsite.
  • Requires reasonable and appropriate measures relative to the size, complexity and resources of the organization.
  • Healthcare practice must maintain total control of their data.

Where's the Opportunity?

There are no teeth in the regulation so why should a healthcare organization be concerned? Liability and downtime are the specific drivers.

Healthcare providers can’t afford to lose a patient record and any system downtime is costly. If systems are down, patients can’t be seen. Another motivating force is malpractice insurance policies. HIPAA compliance is required by these policies. This may force the issue.

So why wouldn’t a company comply and what are the roadblocks to compliance in most cases? Primarily, complexity and cost. If you could offer solutions that answer a healthcare professional’s needs that are affordable and easy to understand and maintain, you have their attention. Data protection, fault tolerance and RTO (Recovery Time Objective) are more critical than ever in this vertical.

Zenith Partners provide a business continuity solution that places a standby server on site. It performs frequent secure snapshots every 15 minutes of all the data that is changing. In the event a server crashes, this device can be remotely activated in minutes to take over as the server and all users can continue working. This solution allows you to answer many of the HIPAA requirements noted above. Additionally, the roadblocks faced by the healthcare providers-cost and complexity- are addressed. This is an affordable solution that can be billed on a monthly basis and it requires no staff interaction to maintain it.

Finding Your Target Customers

A target list can be built inexpensively by targeting the Health Services SIC code (80) and pulling leads for companies that are 10-99 employees in a 50-100 mile radius around your office. Generally you can build a list for .12-.25 per contact depending on the volume you pull. Zapdata ( and D&B ( can provide pay as you go services for building lists. You can set up direct mail programs-postcards are the best. The list you pull can be merged by the US postal service with the postcards that you create (here's how).

The message can be as simply as “Let us show you how you can protect your patient data and have a standby server on site for less the $200 per month.” You should set up a telemarketing campaign to contact these companies as well. When you call, make sure to find out what Electronic Medical Records (EMR) system they use. Address HIPAA compliance and the fact that you can guarantee very minimal system downtime.

How can you achieve a deeper penetration in the Healthcare market without approaching individual practitioners?
  • By government mandate Electronic Medical Records (EMR) are on the horizon. But there is no single accepted or endorsed system in place. At last count there were over 400 software manufacturers of EMR systems.
  • There are hundreds of Physician Management companies that manage a huge number of physician practices. Seek them out and deal with them at a corporate level to provide standby servers for all of their clients. Give them a cut.
  • There are many Dentist Office applications, a few Chiropractor Office applications and Optometrists all have patient record systems.
  • Seek these companies and partner with them to gain some traction in the healthcare market. They rarely want to get involved in maintaining the network and they would love the idea of a standby server for their mission critical application. Partner up. Also if you don’t have a security or VOIP specialist. Think about hiring someone internally. If this doesn’t sound feasible, work in tandem with a partner that can provide these services so that you can fully address the needs of these clients.
Healthcare providers need system uptime and they can’t afford to lose a patient record. You have the answer. With a good Business Continuity plan systems are accessible, online and running 100% of the time, whether the employee is on-site of off-site. Any downtime represents thousands of dollars in lost revenues for each patient.

If you address reduction in liability, provide a service that doesn’t create more work for internal staff, that’s easy to understand at a fixed monthly cost you will build your business very quickly. This applies not only to Healthcare but to all SMB’s.

Zenith Infotech’s Maurice SaluanNote: Maurice Saluan is VP-Channel Management for Zenith Infotech as well as seasoned sales veteran in the managed service arena. Guest blog entries such as this one are contributed on a monthly basis as part of’s 2009 Platinum sponsorship.

Discuss this Blog Entry 14

David @ BTR (not verified)
on Mar 10, 2009
Joe, thanks for mention -- and yes, I do miss your thoughtful insights on our roundtable. Regarding the "challenges" of entering the healthcare space, perhaps a standards-based "federation" approach might help to overcome all the nuances of addressing the individual needs of the many small physician practices that exist. Maybe this approach has been tried before and failed, but if some government incentives were applied to furthering IT adoption, then it might be possible to attract otherwise independent thinking people to this common cause.
on Mar 9, 2009
Mark, All great points! Thanks for your insight.
Mark B. (not verified)
on Mar 9, 2009
My company has been involved in healthcare IT for the past 3 years now, and I can tell you first hand that this is an industry with a tremendous upside but can also be very difficult to get into. Of course, healthcare IT is front and center in the news these days, with congress and the president talking about 7 and 8 figure dollar amounts to throw into the industry in order to bring it along. Anyone considering getting into this vertical should do so with as much information as possible. I liken it very much to getting into the banking IT vertical. To expand on your post a little further, here are some tips for anyone interested in healthcare IT: - Physicians are notoriously difficult to sell to - Understand the difference between IT and IS, particularly on the hospital side of things - Previous experience is almost a MUST. Healthcare as a business is extremely complex, understanding the role of IT in it is critical to staying in business - The industry is heavily fragmented, with the average family practice operating no less than 2 entirely separate networks with 4 business critical applications - You MUST be able to show more value than being able to save practices a few dollars. Develop your value proposition very carefully and perfect it - Any industry expertise you can gain will be valuable to you. Working with a practice is NOTHING like working with a lawyer, accountant or retail store - Hospitals and private practices are very, very different All of these points may seem like I am being a serious downer, but each of these challenges can be overcome by the right people who are willing to work hard at it. The reality is that like the banking industry, the significant challenges healthcare presents to the entrepreneur also presents a significant opportunity. The other upside is that investors are starting to look at companies that specialize in this niche very seriously. We are working with angel groups right now that see the opportunity, and are working on the due diligence process with us. All the best, Mark
Joe Panettieri (not verified)
on Mar 9, 2009
Business Technology Roundtable -- a blog that I wrote for in 2008 -- has additional thoughts on IT in healthcare. The site is sponsored by Cisco Systems, so yes: You're going to get Cisco's perspective.
Jasmine (not verified)
on Mar 10, 2009
Any tips on what youa re doing to acquire new clients in the healthcare industry?
on Apr 2, 2009
Agreed on your points, well said. This points out a concern for the MSP solution however, since Healthcare is a prime target for advanced services, but without Zenith being willing to sign a HIPAA partner agreement, we can't go there.
Joe Panettieri (not verified)
on Apr 21, 2009
Eugene: I don't have a list of SAS 70 Type II audited data centers, but anecdotal evidence suggests that list is growing.
Eugene (not verified)
on Apr 20, 2009
Would help if the BDR datacenters were SAS 70 Type II Audited.
Joe Panettieri (not verified)
on Nov 30, 2011
Maurice: Everything old is new again. Thanks for taking the time to share more thoughts with Rachel. Reader comments make the blogosphere go round. Best -jp
Rachel Huveldt (not verified)
on Nov 27, 2011
Mr. Saluan, I notice that your article was written in 2009. I would be interested in learning what you think now that the HITECH ACT and healthcare reform is being implemented. What are the challenges facing IT managed service companies wanting to get into the IT healthcare market?
on Nov 30, 2011
Rachel, The HiTech Act definitely imposes some new requirements on IT resellers and solution providers, especially in the areas of privacy and security. Before HiTech, privacy and security requirements were imposed on business associates (i.e., companies that are entrusted with PHI), but only if the contract between the business associates and the covered entities (e.g., doctors, insurance companies, etc.) specifically allocated that kind of responsibility to the business associates. Under HiTech, compliance with HIPAA’s security and privacy rules is now mandatory for all business associates, regardless of whether an appropriate contract with the covered entity exists. So, to the extent that IT solution providers are engaged in business associate-type activities, they (i) need to know what the law is, and (ii) follow the law, or they will leave themselves vulnerable to prosecution by the federal government. Also, patients’ requests for access to their records will likely increase under HiTech. IT solution providers need to anticipate this, and should start offering solutions to their clients that allow access to records with relative ease and convenience. The solution providers who offer the best access solutions will, in my opinion, have a significant market advantage over those that don’t offer easy-to-use navigation and/or access capabilities.
tyler (not verified)
on Jun 13, 2012
Very good points Mark... and there is an opportunity here for those willing to address the needs involved and who are able to show value beyond just saving the practice money.
speeding up my pc (not verified)
on Jun 20, 2012
Hi there, just became alert to your blog through Google, and found that it is really informative. I am going to watch out for brussels. I will appreciate if you continue this in future. Many people will be benefited from your writing. Cheers!
Managed Services in the Health Care Realm | CCS (not verified)
on Jun 20, 2012
[...] MSPmentor points out additional scenarios in which MSPs can provide solutions, including electronic medical records storage, standby servers for physician management companies, as well as patient records system for doctors and dentists. Partnering with these companies can give them traction in the health-care market. [...]
Post new comment
or register to use your MSPmentor ID

Sponsored Introduction Continue on to (or wait seconds) ×