Backed By YC And Rock Health, Aptible Handles The Hard Parts Of HIPAA Compliance

“The best minds of my generation are thinking about how to make people click ads,” entrepreneur and technologist Jeff Hammerbacher once said, paraphrasing Beat poet Allen Ginsberg in a sadly truthful characterization of the modern day tech industry.

The thing is, a lot of people who work in advertising-fueled tech products have said that they’re intrigued by the possibility of working on more meaningful applications of technology, particularly in the health space. But the complicated regulatory environment surrounding such products serves as a big deterrent. “Generally, health is just so heavily regulated, it’s just a painful business to be in. It’s not necessarily how I want to spend my time,” Google co-founder Sergey Brin said in an interview earlier this year. “I think the regulatory burden in the U.S. is so high, I think it would dissuade a lot of entrepreneurs.”

A new startup called Aptible just might help make healthcare a bit more palatable for ambitious entrepreneurs. Aptible, which is in the current classes of both the Rock Health and Y Combinator startup accelerators, says it helps handle all of the things a technology company needs to become HIPAA compliant at a fraction of the cost and effort of traditional HIPAA compliance consultancies.

The way that Aptible works can be described as a blend of products such as Heroku and TurboTax, co-founder and CEO Chas Ballew said in an interview last week. The TurboTax comparison refers to the way that Aptible’s “compliance engine” asks users a list of questions related to HIPAA compliance in plain English, and translates the answers into the appropriate format that would satisfy an auditor and other regulatory authorities. The Heroku comparison is because Aptible works as a deployment platform and manages all of the necessary secure backend infrastructure needed to run HIPAA-compliant technology apps. Aptible is “framework and language agnostic,” which means that companies can use the programming languages and database infrastructures of their choice.

“A lot of times when technology companies want to be HIPAA compliant, they’re forced to use certain kinds of tools,” Ballew said. “We let you use the languages open source databases that everybody in tech uses, like PHP and MongoDB. If you want to migrate on or off Aptible, you don’t have to learn the language or API that was invented just for HIPAA compliance. We do it all for you.”

Aptible costs $3,499 per month for an annual contract. That may seem like a steep price, but according to Ballew, the status quo cost for HIPAA compliance is much higher. Becoming HIPAA compliant often costs a company between $50,000 to $100,000 in consulting fees, and up to 200 hours of manual work, with annual updates needed, Ballew says. In contrast, Aptible claims that it can have a company well on the road to HIPAA compliance in an afternoon.

Ballew says that Aptible’s able to do this because it’s solely focused on HIPAA compliance for cloud-based software as a service companies. Most HIPAA compliance consultancies work with all types of organizations, from hospitals to insurance companies to healthcare payment providers, making them inefficient for many modern tech firms.

“We’re totally laser focused on this one type of company: Cloud-based, software-as-a-service technology companies. We’re here to help developers,” Ballew says. “We want to help the smart people who are technically good and motivated to work in healthcare to not just say, ‘Wow, I’m going to go work on something else, because it’s too much of a nightmare to do this kind of regulatory stuff.’ We can solve that problem.”

Aptible, which has been running customers in production since late March, was founded by Ballew, a lawyer with a background in government regulatory compliance, and CTO Frank Macreery, a software engineer with a specialty in backend infrastructure. Aptible, which is currently seed funded by Y Combinator and Rock Health, currently has three full-time staff.

It’s still the early days for Aptible, but it seems to be a smart idea that could make a big difference in the kinds of companies that we see built in the coming years.