In this Entrepreneur Spotlight we are focusing on one of our CFO clients: Protenus. Protenus helps hospitals protect patient privacy in electronic medical records by detecting privacy breaches in real-time. The solution is a lightweight analytical tool focused on protecting against insider threats. The Company is based in Baltimore, MD and was founded in 2014.
We interviewed Nick Culbertson, Co-Founder of Protenus, on how he got started in the business and what he is currently facing in his role within this startup
1. Tell us a little bit about Protenus. The idea behind it, how you got started, and what the initial purpose of this business was.
Protenus originally started as a research project that aimed to study complex clinical workflows in large health systems. Ultimately, we discovered a way to not only understand how a myriad of workflows occurs simultaneously around patient care but also how to identify when these workflows occur abnormally. While there are many applications for our technology, our first goal has been to apply it towards detecting and remediating breaches to patient privacy.
2. What has been the biggest challenge running a startup in the Healthcare/Software Application industry?
Healthcare is a highly regulated industry. Unlike startups in other industries, we could not jump into quick software or technology decisions due to the sensitive data we are working with. Each piece of our technology stack had to be carefully vetted to not only be the most secure option for the data, but also scalable, reliable, and resource efficient.
3. What has been your biggest surprise in starting this business?
Honestly, what surprised us the most, and continues to surprise others who we speak with about our company, is how systemic the problem our team addresses actually is. Unlike other industries, healthcare institutions typically provide unfettered access to electronic health records for all of their workforce members. While these access sessions are logged and occasionally audited, it is an enormous challenge to actually determine how and why patient records are accessed millions of times per day. As a result, big data technologies are a must in order to proactively detect violations to patient data.
4. What is a real world example of how the patient monitoring platform has helped to analyze data and detect certain violations or breaches?
You could say we have the same problems as the CIA – you don’t hear about our company’s successes. The reason for that is when our system proactively identifies a threat to patient data, our customers are able to quickly resolve the matter and remediate the damages ahead of time.
While our product has been extremely successful with our customers, not all healthcare systems are using a big data approach to health data security. As a result, you hear about breaches all too often, ranging from benign snooping into the records of family members, VIPs, or co-workers, to phishing attacks, ransomware, and large-scale cybersecurity threats.
5. What milestones do you hope to achieve in 2017?
In 2017, our biggest goal is to continue scaling our customer base to not only improve health data security overall, but also increase trust in healthcare. Protecting patient data requires a layered approach to security and privacy, and while many organizations provide a good perimeter defense with firewalls and other traditional cybersecurity tools, not enough are using an internal “immune system” to catch internal threats and those external threats that are able to breach the firewall.
6. What do you and your fellow colleagues like to do for fun?
Whiskey Wednesday has been a staple activity for our team from our earliest days. It was organically started by a few team members and spiraled into a time for people to relax, swap ideas, and get to know each other better (whether or not they’re a fan of whiskey). In addition to the entertaining conversations, ranging from hilarious to incredibly interesting, we occasionally break out a board game as part of our weekly event.