Subscribe
An interview with Hella Health’s founder and CEO Rafal Walkiewicz, and Hella Health’s Chief Technology and Information Security Officer Duane Jung. Inspired by their shared view on privacy as a fundamental human right, they developed Hella Health’s Privacy Pledge to guide the company’s approach to data protection. They describe the role of privacy as a core value and how they aim to protect customers’ right to privacy.
What does privacy mean to you and to Hella Health?
Rafal: Privacy is at the core of everything we do at Hella Health. Our commitment to privacy is one of the reasons for our existence. We promise older Americans full control over their own data, full stop.
Why is privacy such a central pillar to Hella Health?
Rafal: It all starts with philosophy for us. We strongly believe that the customer should own their data and should always be in a position to control it as well. We do not sell any customer information to any third party, ever.
Duane: Our approach to privacy is actually quite a new approach in this industry, which has traditionally been built on the concept of trading leads. We receive hundreds of emails from lead generation agencies who are trying to sell us leads. We get multiple approaches from various businesses asking to buy our customer data. We don’t engage in any of those conversations.
To be frank, our approach is costly and quite unorthodox. But we strongly believe it’s the right approach to best serve the interests of older Americans.
With privacy as a foundational element of Hella Health, how does that central belief translate into your product?
Duane: It is about the process. Of course, we are HIPAA and HITECH-compliant, but we did not build our infrastructure simply to check the compliance boxes. We built our operations to protect our customers’ data first and foremost. With that kind of attitude, we were not surprised that we had met the industry compliance standards.
The process starts with how the data is stored, who can access it, and when. Admittedly, it is much easier to control these things when you have a tech-driven, contained organization like ours. If you have thousands of seasonal agents in call centers across the country that collect customer data and connect to layers of incompatible systems, then ensuring data privacy protections is impossible.
Rafal: In the Hella Health model, our customers entrust us with their information digitally, and that data travels encrypted to our systems. We know exactly who needs access to the data, and then we can control it and continuously monitor it. Our entire value proposition is built on automation, so in reality the group of people entrusted with potential access to customer data can be very limited.
What kind of technology infrastructure does Hella Health use to support your privacy efforts?
Duane: Our technology backbone helps immensely in securing our customers’ data. We do not have any legacy infrastructure. We utilize the most up-to-date information security technology. We’ve built the system from the ground up with Amazon cloud. It’s a Chief Information Security Officer’s dream.
Rafal: You’re only as secure as your weakest link – be it an undertrained agent on the phone or an old, exposed wireless network in a call center. Our 100% AWS cloud footprint has the benefit of being the most secure – and always encrypted – infrastructure.
How does Hella Health maintain this infrastructure against the ever-evolving data privacy threats?
Duane: Even the most modern technology ages quickly. We maintain a security testing schedule using both internal and third-party resources so we’re able to react to any potential threats before they materialize.
Rafal: We’ve built information security into our strategy as a commitment to our customers, ourselves, and every layer of our organization. All of us believe there’s no other way to protect our customers.
