Challenge
When eReceivables, one of the most unique and creative technology-based total medical billing and accounts receivable management firms in the market, lost their in-house IT person, a referral brought them into contact with Internos. Through discussions with management, Internos discovered that eReceivables’ IT, at that time and as is the case with small to medium companies, was nowhere near the maturity level the organization required, especially as it related to their policies, processes and compliance.
Later, when COVID quarantines forced employees into remote work almost overnight, eReceivables lacked the IT infrastructure to support them.
“Remote work creates a very different security environment than on-premise, and there is no governing body telling them what is and what is not required. It's a gray area that needs continual navigation and adjustments,” said Jairo Avila, Internos sales and client management/partner.
eReceivables is a medical insurance claims processing and billing provider for hospitals and health systems. Located in Coral Springs, Florida, their patented Small Balance Claim Recovery service appeals claims that have been denied, underpaid or not acknowledged within 12 to 18 months. Their systematic escalation process gets claims to the appropriate management levels to be properly processed. Their full suite of services include billing, follow up, appeals and financing.
Solution
Internos became eReceivables’ IT department, supporting their growth and helping them earn HiTrust CSF accreditation for multiple years. HiTrust CSF standards have been developed according to SOC 2, making it the most widely adopted security framework in the U.S. healthcare industry. It unifies recognized standards and regulatory requirements from NIST, HIPAA/HITECH, ISO 27001, PCI DSS, FTC and COBIT.
Internos also helped the entire eReceivables team to understand the importance of protecting their data with cyber security training and data redundancy. When eReceivables needed to implement cyber insurance to meet their client's contractual requirement, Internos provided the expertise and system documentation to make the process easier.
“Not having cyber insurance is like a car accident waiting to happen. You hope it’s not going to happen but when it does, you don’t go to the dealer to pay for it. You call your insurance company,” said Avila.
That’s what cyber insurance does for IT disasters. It doesn’t protect data, but helps to pay for fixing the issues.
“As their comprehensive IT experts at every level, Internos makes sure that whatever is written in the company’s policy is actually being implemented. Our security officer checks continually, not just on a scheduled basis,” said Avila.
When the COVID shutdown caused eReceivables’ personnel in New Jersey and Florida to work remotely from home, eReceivables also needed to add significant staff to support a large hospital client. They made the decision that those newly hired employees could work from home in any state and expanded their personnel recruiting accordingly. Internos became crucial to building the infrastructure to support a growing working-from-home employee population.
“We received an outstanding result after the SOC1 Type 2 audit of our processing and financial controls was done [for one of our clients]. Of the 37 controls they measured , there were zero exceptions, which means they did not identify any problems, issues or instances in which the controls were bypassed. This is an outstanding result, the first time we had zero exceptions, and all of you [at Internos] are responsible for this exceptional level of performance.”
— Bill Whitaker, COO of eReceivables
Outcome
Working with the Internos team enabled eReceivables to grow without having to worry about their IT. It raised their cost savings, improved cyber security and facilitated eReceivables to meet its HIPAA requirements in this evolving business climate.
When eReceivables set the goal to obtain HiTrust CSF certification. Internos became the critical player enabling eReceivables to achieve that prominent certification which unifies recognized standards and regulatory requirements from NIST, HIPAA/HITECH, ISO 27001, PCI DSS, FTC, COBIT and is completed according to SOC 2 criteria, making it the most widely adopted security framework in the U.S. healthcare industry. Internos reviewed HiTrust CSF requirements with eReceivables and ensured eReceivables had all of the IT infrastructure necessary to meet those requirements. Internos was intricately involved in the interviewing sessions by the HiTrust independent auditors.
Internos continues to provide proactive small business IT services. They helped eReceivables during COVID by securing their remote workforce (with VPN access/security, two-factor authentication, etc.). Internos service continues to grow with them as their needs change.
“When they grow, we grow,” Avila said. “We have a synergy with this client and a level of understanding that allows us to adjust quickly to a change in policy or procedure.” The company is currently one of Internos’ top three clients and has grown exponentially over the last 9 years. They have reached a level of maturity, that it is now normal practice to be routinely audited by their own clients.
eReceivables is now able to grow without having to worry about their IT infrastructure and compliance. They achieved better cyber security and business continuity while realizing cost savings. As their ongoing cybersecurity and small business IT services, Internos continues to monitor their needs and proactively protect their business.
Choose IT Services For Your Small Business
Our Managed Service Provider Checklist is free, easy-to-follow and can guide you through the process of choosing the best IT partner for your business. Gather answers to questions before you start comparing providers, such as:
- What level of support do you expect from your MSP?
- What are your current and 5-year business goals?
- Do you have the stats and info on hand that potential providers will need to quote their services?
- What are your current backup and cyber security practices?
- And more!