Posts authored by

nmier

Salucro Customers Can Now Accept Mobile Patient Payments With Venmo

Salucro is excited to announce the addition of Venmo, a popular social payment service, to their growing number of available payment options. Salucro is leading the initiative to offer more patient friendly payment options by allowing patients to use the Venmo mobile application to make healthcare payments easily and securely.  Patients can now make payments through the Salucro Patient Payment Portal by selecting the existing PayPal payment button then choosing Venmo.

With the addition of Venmo, Salucro is providing payment options designed to help drive revenue from millennial consumers. Salucro’s product vision is aimed at continued innovation to provide advanced technology that will accommodate each and every patient payment scenario and payment preference.

“Offering more ways to accept patient payments is essential in helping healthcare providers improve their patient responsibility collections. Providing patients the ability to pay with Venmo is an example of how our technology is adapting to the demand of consumers – without requiring additional implementation by healthcare providers.” -Clayton Bain, Salucro CEO 

Offering Venmo as a payment option is evidence of Salucro’s commitment to helping the healthcare provider market increase patient payments, reduce bad debt, and improve the patient financial experience.

 

The Salucro Payment Platform Joins The Epic App Orchard

The Salucro Patient Payment Platform provides patients with an efficient payment experience without leaving the Epic MyChart application.

Salucro, an advanced payment platform, is now available in Epic’s App Orchard. The Salucro Patient Payment Solution allows a patient to make a payment using a Salucro iframe directly within the MyChart application. The Salucro iframe protects payment data while patients are using the credentialed login, guest checkout or the MyChart Mobile App, which will help reduce the healthcare provider’s PCI scope. This integration allows providers to leverage Salucro’s advanced payment platform to make patient payment collections easier and more efficient.

The Epic App Orchard is a marketplace for applications that have been built on top of the Epic Platform. Epic’s App Orchard helps businesses improve the value of the products and services marketed to the Epic community—the single largest group of EHR users in the U.S. The program gives participants access to key Epic tools and technical support, ensuring that the Salucro Payment Platform is fully integrated within Epic.

“As patient responsibility payments continue to rise, we know that providers need innovative ways to maximize their patient payments. Salucro has streamlined workflows by continuing to integrate into existing EHRs to improve the patient payment collection process.”
– Clayton Bain, Salucro CEO

About Salucro
Salucro has created a cloud-based platform that provides revenue cycle management tools that makes it easier for patients to make payments and provide advanced real-time reports with proven ROI. Salucro’s payment processing platform is PCI DSS Level 1 validated and HIPAA compliant. Salucro offers a PCI validated P2PE solution that protects the cardholder data from the point of interaction to the payment processor/gateway, making Salucro one of the most secure solutions available today. To learn more visit http://www.salucro.com.

CONTACT

Natalie Moore

nmoore@salucro.com
480.658.2702

Patient payment transactions: A confluence of security and compliance considerations

Patient payment transactions: A confluence of security and compliance considerations

» The patient payment transaction is an often underestimated source of confusion and under-compliance.

» Breaches or weak safeguards in patient payment systems can affect millions of individuals over a short amount of time.

» Security requirements relating to patient payments come from a variety of sources, including HIPAA and PCI DSS.

» Network segmentation, encryption, and outsourcing are attractive solutions to minimize liability for a healthcare provider.

» A healthy compliance program will involve familiarity with the applicable privacy and security obligations as well as industry solutions to reduce exposure to liability.

Ken Briggs (kbriggs@salucro.com) is Vice President of Legal Affairs at Salucro Healthcare Solutions, LLC in Phoenix, AZ.

 

Overlapping  compliance considerations

The healthcare industry has recently seen a host of breaches, non-compliance, and other frustrations relating to security, regulatory, and related compliance obligations inherent in receiving payments from patients via modern financial obligations, such as deductibles, co-payments, and other self-pay obligations, make up a larger portion of a healthcare provider’s balance sheets.

Accordingly, providers are looking to increase the collection rate of patient financial obligations. As payment processing and collection efforts become more important for a provider’s bottom line, so too is attention to the compliance requirements accompanying those efforts.

This article will highlight (a) the most comprehensive compliance requirements in receiving patient self-pay obligations; (b) operational hurdles presented by patient payments in modern healthcare settings; and (c) key aspects of a smart approach to maintaining compliance.

Overlapping Compliance Considerations

The healthcare industry has recently seen a host of breaches, non-compliance, and other frustrations relating to security, regulatory and related compliance obligations inherent in receiving payments from patients via modern payment options. With this web of transactions arising from patient payments, a gap in compliance or awareness is costly. One southwestern hospital system suffered a breach of their payment system affecting more than 3.7 million individuals. The breach is believed to have occurred through point-of- service payment card devices in the food and beverage systems. After exploiting a vulnerability in the payment systems, the attackers were allegedly able to access other components of the information infrastructure, including health records. The costs of this breach may rise into the millions.

This sort of liability necessitates a careful understanding of the compliance requirements involved in accepting patient payments. The leading sources of compliance obligations relating to patient payment transactions are set forth in the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the Payment Card Industry Data Security Standard (PCI DSS). Other federal, state, and non-governmental authorities establish additional compliance considerations, but HIPAA and PCI DSS require the most attention, because their reach is the most expansive.

HIPAA permits a healthcare provider to use or disclose protected health information (PHI) for its own payment purposes. This broad permission does not mean HIPAA is of no consequence during the payment transaction. Even though payment information may not include diagnosis information, transactional data may still be protected health information subject to HIPAA if there is a reasonable basis with which a patient can be identified through a review of the data. Self-pay financial transactions may involve names, credit card information, dates, account numbers, facility locations, and other information that is subject to HIPAA protection. Therefore, providers should ensure HIPAA compliance throughout the payment transaction process. In general, the HIPAA requirements pertinent to the transactions are found in the Security Rule.

HIPAA’s Security Rule requires appropriate  technical and physical  safeguards to protect against the unauthorized access, disclosure, or loss of electronic information, which, for patient payments, may involve hundreds if not thousands of transactions per day. Privacy and data security obligations require the healthcare provider to secure the payment and related information in a manner that preserves the availability, integrity, and confidentiality of the information. The fact that a provider’s payment system facilitates many transactions attributable to many patients means that specific care should be taken to protect those system components.

Where a healthcare provider engages a third party to facilitate patient payments, the service provider must be ready, willing, and capable to ensure that appropriate controls  are in place to satisfy the stringent HIPAA requirements. For large healthcare providers, the number, complexity, and sources of the patient self-pay obligations will necessitate careful scrutiny of the service provider’s capabilities and safeguards.

PCI DSS is more unfamiliar in the healthcare industry. PCI DSS sets forth information security standards agreed upon by card associations (e.g., Visa, MasterCard, American Express) for any entity that handles card transactions—the most common method of payment for patient self-pay obligations.

Every organization along the path of a transaction, from issuance of a payment card to the acceptance of a card payment, must comply with PCI DSS. As patients choose (or are required) to bear more responsibility for payment, the scope of liability for a healthcare provider under PCI DSS increases, as does the risk of non-compliance.

The PCI DSS requirements can be broken down into six categories:

  1. Networks that facilitate, transmit, or store sensitive data must be securely implemented and maintained with safeguards such as firewalls and safe password
  2. Sensitive cardholder information that is permitted to be stored (e.g., birth date, phone number, address) must be stored Transmission of such information must be encrypted.
  3. Systems must be protected with sophisticated programs that are regularly updated to prevent malicious threats from acquiring cardholder
  4. System access should be restricted to only authorized personnel with audited
  5. Networks should be closely monitored, tested, and
  6. Network safeguards should be implemented pursuant to an information security policy tailored to the specific card- holder data

Healthcare providers must ensure PCI DSS compliance with those parts of the system network and devices that process, store, or transmit cardholder data (referred to as the cardholder data environment). Depending on how a healthcare provider has structured its network, the cardholder data environment could be very complex and large.

Unlike HIPAA, PCI DSS requirements are administered and enforced on a contractual basis, and non-compliance is accordingly addressed through the contractual relationships. Fines for PCI DSS non-compliance may be assessed up to $500,000, which does not include legal fees, contractual liability, or lawsuits that typically accompany breaches of payment information.

PCI DSS contractually assigns liability for breaches or other loss events among the respective parties in the payment chain. Where one or more parties in that chain fails to comply with PCI DSS and a loss or breach occurs, the card associations and the banks may suffer losses, which can then be passed down through the contractual relationships based on the parties that committed to compliance. For this reason, the extent of liability is more ambiguous then in a regulatory framework, but the consequences and expenses can be just as severe and unforgiving.

Although HIPAA and PCI DSS are the most visible compliance frameworks for patient payments, healthcare providers should be aware of the other requirements, which arise under law or contract often based on the payment types available to a patient for payment. Other patient payment compliance frameworks include federal requirements such as Clearing for the 21st Century Act (Check 21) for check clearing, Office of Foreign Assets Control (OFAC) screening requirements, USA Patriot Act for “know your customer” requirements (i.e., anti-money laundering), National Automated Clearing House Association (NACHA) Operating Rules for ACH transactions, and a myriad of consumer protection and notification requirements. State laws may include separate requirements applicable to payment transactions as well.

As should be abundantly clear, payment transactions come with unique and overlapping compliance obligations that are not typical in other aspects of a provider environment.

Operational considerations in addressing  compliance

Receiving payments directly from patients poses obstacles unique to the healthcare industry, primarily for three reasons. First, the final amount a patient may be required to pay is frequently not known when the patient is present. Second, for many providers, the payments must be accounted for and tracked across more than one department or facility and even across separate practitioners. Third, payments  may  be unexpectedly high or may be paid by individuals other than the patient. Each of these obstacles slow the collection process and may make some payments uncollectable. Overcoming these obstacles in a way that minimizes business disruption and maximizes cash flow requires a specific appreciation for the nature of patient payments in the healthcare industry, all while ensuring compliance associated with the applicable payment types.

As discussed above, the compliance requirements under HIPAA, PCI DSS, and other information privacy and security frameworks impose overlapping but distinct obligations. In other words, compliance with one framework is not sufficient for compliance with the others. Given the broad scope of liability, providers are seeking ways to reduce the burden of compliance.

One of the primary ways healthcare providers reduce liability and the costs of compliance is through the reduction of exposure to sensitive payment transaction data in general. As to PCI DSS, exposure can be reduced through network segmentation, which involves separating payment systems from other systems of a healthcare provider through network design and architecture. Network segmentation allows a provider to focus its compliance efforts on the specific components of a payment system that are subject to PCI DSS requirements.

In addition to internal segmentation initiatives, certain types of modern technologies  are emerging that enable a provider to reduce PCI DSS data compliance obligations relating to patient payments. One such technology is referred to within PCI DSS as Point-to-Point Encryption (P2PE). P2PE solutions are established pursuant to specific Payment Card Industry standards and are provided by a third party through a series of secure devices and software that encrypts sensitive payment card information from the point of interaction until the payment information reaches the secure environment of the payment processor or gateway.

P2PE solutions reduce a healthcare provider’s responsibilities under PCI DSS by allocating the risk of failure on the service provider that facilitates the encryption services. P2PE solutions minimize the points of liability that would otherwise be the healthcare provider’s burden, namely the risk of fraud or error in the transmission of the payment information. In addition to allocating the liability  to a third party, the healthcare provider can save on the costs of continued monitoring and compliance that may be required without the encryption solutions. Adopting safeguards such as P2PE does not eliminate PCI DSS compliance obligations. For example, a healthcare provider would still be subject to PCI DSS requirements regarding physical access to the card information at the point of payment or transactional-level reports containing cardholder data.

Healthcare providers can further reduce PCI DSS liability (as well as liability arising under other payment compliance requirements) by shifting the compliance obligations through contracts with payment solutions service providers. Engaging a qualified third party to perform—and take ownership of— specific functions involving PCI DSS and similar compliance requirements can be an efficient way to shift the obligations. These functions can include software licensing, device acquisition and maintenance, and data management. Contracts with third parties that assume a healthcare provider’s compliance obligations should identify the services the third party performs, designate which party carries the burden of compliance, and describe the consequences for non-compliance. Service providers that are not familiar with healthcare regulatory requirements may not understand or appreciate the stringent response requirements, sophisticated safeguards, or business considerations that are fundamental in the healthcare industry.

In addition to good contracting practices, providers should be aware that certain compliance frameworks may mandate specific contractual terms such as representations or other provisions. For example, under HIPAA, where a business associate relationship exists, a provider should ensure that an effective, compliant business associate agreement is in place with the service provider. For contracts relating to payment processing services, the acquiring banks, card associations, or other parties in the payment chain may require certain monitoring or contractual obligations as a condition of shifting liability under the applicable compliance frameworks.

Key aspects of a healthy compliance program

The trend of shifting payment obligations directly to the patient is accompanied by increased scrutiny by regulators, industry parties, and actors seeking to exploit non-compliant or weak systems. The best practices described below are pivotal aspects of a healthy compliance program for patient payments:

  • Understand the full scope of compliance activities associated with patient payments, including HIPAA, PCI DSS, and other compliance frameworks
  • Evaluate ways to reduce exposure (and associated liability) under these frameworks including adoption of enhanced network safeguards and other de-scoping strategies
  • Engage knowledgeable service providers that take compliance activities
  • Adopt a process to routinely monitor service providers to be reasonably aware of operational competence
  • Continually re-evaluate the scope of compliance and adopt new strategies or safeguards to militate against the risks of non-compliance or breach

Conclusion

Accepting patient payments in the modern healthcare delivery system brings about significant operational considerations that must be addressed within the confines of stringent data privacy and security requirements. Given the number of transactions and the associated exposure to regulatory and contractual liability, healthcare providers should ensure that their compliance practices extend to the adoption and implementation of a system to accept patient payments.

  1. Joseph Conn: “Banner Health cyberattack impacts 3.7 million people” Modern Healthcare; August 3, 2016. Available at http://bit.ly/2oOpLXy
  2. view HCC Compliance Today Magazine here http://bit.ly/2sLNOXh

 

 

The Patient Experience | Marina Rios

October is Breast Cancer Awareness Month – an annual campaign to increase awareness of the disease. While most people are aware of breast cancer, few often take the necessary steps to detect and/or prevent the disease in its early stages. We encourage everyone to participate in an early detection plan that can help you prevent/treat Breast Cancer.

Marina’s story of strength, determination and survival will inspire you to participate in an early detection plan, to get involved in your community and help others who are battling cancer.

How old were you when you were diagnosed with Breast Cancer?

I was 31 years old. Early in 2015 while I was training for the Phoenix Marathon, my third time trying, I noticed an ache in my right breast.  Knowing that my mom is a two-time breast cancer survivor BRCA1+, I knew I was at risk and decided to get checked. My mammogram was one week before the race.

10858514_10202682624946663_7688901151428930203_nThe race was the perfect distraction, I focused on the race, my goal was to qualify for the Boston Marathon, and I did it, with a 3:31:59 marathon time! Boston here I come! The next week my biopsy results came back, I tested positive for Stage 2 Bilateral Breast Cancer, Triple Negative, BRCA1+. I had a new “marathon” to focus on.

What was your treatment plan?

Since I knew my mom was BRCA1+  positive I had blood drawn to do genetic testing. I want to stress this for anyone with breast or ovarian cancer in their family! It’s important to know your risks so you can decide what’s best for you. It was during that process I had the mammogram and biopsy done. Everyone’s breast cancer is different. I have triple negative breast cancer meaning there is no hormone receptors for my cancer.

11873776_10203519231781311_4402620199483300751_nSome women have to be aware of hormone medications or take medication after treatment. My cancer responds best to chemotherapy and we started with that immediately. I had 16 infusions of chemotherapy. Two weeks after that was finished I had a bilateral mastectomy and expanders placed for reconstruction. All tests came back clear after surgery so I am now cancer free!

How do you stay so positive?

When the doctors tell you “one day at a time” it’s so true! There are so many tests and doctor visits and therapy and treatment. I had a second opinion consult and choose doctors I was most comfortable with. After that I would focus on what made me feel good like healthy nutrition, walking my dog, yoga, or just normal stuff like attending  birthday celebrations.  One day at a time for me meant anything from taking a 20 minute nap at work or drinking ginger tea to prevent nausea. I had moments of sadness like when my hair started to fall out, but I always had a plan.

11899766_10207627336863001_4179253804468163802_nWhen I shaved my head I had friends around me for support. I decided during this process I didn’t want to waste a day of feeling good worrying about what tomorrow would bring. Cancer will force you to live in the moment in the greatest way. Everything means more after cancer. When I became grateful for life, people saw it and returned the positive support.

What are you most looking forward to in 2016?

This week I registered for a race I’m not sure I’ll be able to do yet and that’s the 2016 Boston Marathon. If I get in, I will have three months to train after my last reconstruction surgery in December. I’ve never been more motivated to get back to running and country dancing with my boyfriend, but I have to remember…one day at a time.

The Consumer Experience | Kevin Kumler

During your career you’ve represented healthcare providers and healthcare companies. How have you seen the patient experience evolve since you started?

Considering there was no iPhone, mobile apps, or Facebook when I first started out, there have been fundamental shifts in the world as well as in the healthcare industry.

In looking at the broader changes since then, technology has advanced at an unprecedented rate. It has helped us do things we’re already doing better and faster, and allowed us to do things we could never do before. It also allows us to solve patient problems that have been persistent pain points since I started in the industry in the ‘90s.

These new experiences across all other consumer industries have conditioned patients to expect the same levels of choice, immediacy, and personalization when it comes to their care. While patients used to be a passive participants, they’ve since shifted to become more informed and empowered. In healthcare today, patients have started to play a more active role and they “get a vote”.

The shift from patient to consumer is a topic we are hearing a lot about in the healthcare industry. Many cite different reasons driving this change, including patients taking on more financial responsibility for their own treatment. Could technology and options like ZocDoc also be at the heart of this change?

Patients have become accustomed to elements that have benefited them in other markets: transparent and clear information, readily available alternatives, and low switching costs. These elements have finally come to healthcare, and they’re giving patients an opportunity to sit in the driver’s seat as they do in most other areas of their lives.

ZocDoc’s CEO Cyrus Massoumi founded the company in 2007 after he had a terrible – but typical – experience as a patient. He ruptured his eardrum upon landing from a flight and needed to see a doctor. Like most patients, he cared about who he chose to see.

He was in the driver’s seat, and he did what most patients did: he started calling down his insurance directory list in alphabetical order. After too many calls yielding wrong numbers, out-of-network providers, and practices not accepting new patients (one provider listed had even passed away), Cyrus finally found someone who could see him – but not for four days.

Because Cyrus cared, and he recognized a personal yet universal need, ZocDoc had to exist. Technology, like ZocDoc, is able to quickly and seamlessly provide solutions to persistent and systemic problems.

Thought Leadership is promoting progress in all industries and healthcare is no exception; ZocDoc’s CEO, Cyrus Massoumi, is a perfect example. What makes the concept of thought leadership valuable to the healthcare community specifically? Which “influencers” do you follow?

I believe many of the breakthrough ideas in any industry come from thinking in other areas, and healthcare certainly needs some breakthrough ideas.

This is especially true for a category-creating business like ZocDoc. We tend to look outside of healthcare and toward other industries such as airline companies, online retailers, financial services, and more. We learn from the successes and failures of upstarts who reshaped entrenched industries, and from incumbents who too quickly found themselves unseated.

We’re also fortunate to have a fantastic collection of advisory board members and investors – esteemed individuals such as Vinod Khosla, Jeff Bezos, Marc Benioff, Senators Daschle and Frist, to name a few. We are honored to count them as thought partners and advisors to ZocDoc, and their insights and experiences are incredibly valuable.

You are working for one of the fastest growing healthcare startups in the industry. What makes the startup space exciting to you? How has it pushed your limits and shaped you as a professional?

When I started to explore what I wanted to pursue after many years at McKinsey & Co., I thought about how I wanted to invest my time. I knew that I didn’t want to work for a big company and wait decades to start to see results. Startups have invariably changed each industry, seemingly overnight, and I wanted to contribute to a fast-growing company that would transform an industry.

I had a few other criteria to meet: I wanted the company to have fervent supporters, a strong executive team, and a brilliant product. ZocDoc fit all of those needs, and I joined the team nearly three years ago.

Being here matters personally, because what I do at ZocDoc impacts where the company goes and how it grows. Given that so much is new, there’s not a week that goes by where we don’t have an opportunity to solve a problem we’ve never encountered before. Luckily, I work alongside a super talented team all united around a singular mission: to give power to the patient. Not only is there tremendous passion and caliber of people here at ZocDoc, there is also great diversity of talent – across industries, experience, and functional skillsets.

Of course, we also all work really hard. I often tell my former McKinsey colleagues that I work harder at ZocDoc than I did at McKinsey (which is not known to be an easy path). But the ownership I have at ZocDoc pushes me, because every single day I have high-priority items on my list that just can’t wait. My limits are constant prioritization and dedicating time to finding the best talent that can help us scale even faster.

Only 1 in 5 Americans can easily access a primary care physician. How is ZocDoc changing that? Can you share how simple and direct access to healthcare started at the core of the company’s mission?

We like to say that ZocDoc is the beginning of a better healthcare experience, and we take that “beginning” part literally. We started by improving the first step of patients’ healthcare journey: access. Today, according to Merritt Hawkins & Associates, the national average wait to get in to see a doctor is 18.5 days. The typical ZocDoc patient sees a doctor in less than 24 hours.

A huge part of delivering this speed is transparency (just like Uber creates transparency for riders and drivers, instantly matching up their needs). We are able to surface what we call the “hidden supply” of care.

Up to 25% of a doctor’s schedule shifts at the last minute due to cancellations, reschedules, etc. Before ZocDoc, those unused appointments would go to waste. But through our real-time marketplace, we’re able to take a precious resource (doctors’ availability) and turn it into supply (open appointments for patients seeking care). It’s a win for patients and a win for providers, too.

We’re proud of the work we’ve done to improve access, but of course, that’s only the beginning. We will continue to solve more and more patient problems from there, to fix the broken systems that get in the way of good care.

How is ZocDoc partnering with hospitals and healthcare systems? How can providers offer the company’s service to their patients?

We work with more than 170 provider organizations throughout the country who are seeing great value from ZocDoc. Over time, they continually deepen their relationship with ZocDoc to bring more and more of their providers on board. That’s because we help them solve some of their most fundamental challenges. To name just a few:

Access: A recent study we conducted showed that roughly 60% of patients could not get an appointment via phone on their first try. Our health systems partners want patients to be able to get in to see the right provider on their staff as quickly as possible. ZocDoc is giving them the tools to do this.

Filling cancellations and reschedules. We can instantly publish this availability so that a patient looking for near-term availability can get in to see that provider.

Managing capacity: Per Se is one of the top restaurants in New York City, but you can make a reservation on OpenTable. This isn’t because Per Se needs help filling an 8 pm reservation on a Friday night. But a 5:30pm seating on a Tuesday might be harder to fill.  The same is true for highly sought-after providers.

Freeing up office staff: Some recent studies and our experience suggest that it takes 8 minutes to book an appointment by phone. We allow patients to do that instantly online, and free up the office staff to care for the patients who are already in the office. In fact, roughly 45% of the appointments made via ZocDoc are booked when the doctors’ office is closed.

What is the response ZocDoc is seeing on a national level from patients and their healthcare providers? How is the company helping with ER and Urgent Care overflow?

When our founders first started out, people told them ZocDoc would fail. They spent the first three years in NYC, proving the concept and making it work. Then people said, well of course it works in NYC – but it won’t work anywhere else. And then we successfully expanded to more major cities. Then people said, well of course it works in urban areas – but it won’t work anywhere else. And then we successfully expanded to rural areas and urban outskirts. Fortunately, we don’t have quite as many naysayers these days.

Today, millions of patients across the country use our service each month, and they’ve booked more than 1,000 different types of appointments across 50 different specialties. What makes us proud is how we’ve grown from word-of-mouth. Patients love ZocDoc and they recommend us to their family and friends. We even see people using ZocDoc as a verb.

As for acute care specifically, ERs are overflowing and Urgent Care centers are popping up everywhere for two reasons: 1) access to primary care is difficult, and 2) patients are looking for convenience. We help alleviate these trends by improving access to primary care. Boston is an extreme example.

The same Merritt Hawkins study I referenced earlier showed the average wait to see a primary care physician in Boston is 66 days. Over two months! By the time you would have seen the physician, you may have gotten better, sick again, better, and sick once more.

We are now working with six major systems in Boston to provide access to primary care physicians and nurse practitioners. Even in Boston, via ZocDoc, you can be seen within 24 hours, and often on the same day! We also know we help with acute care. Thirty-eight percent of ZocDoc appointments could have taken place in an ER or Urgent Care center – often at 80% the cost.

What makes you most proud to be at ZocDoc?

As I mentioned earlier, it’s an amazing opportunity to help shape a company that is shaping an industry. ZocDoc is a mission-driven organization, and I feel good standing behind it.

We see how our work directly benefits people’s lives. We receive really powerful feedback (anonymized, of course) from patients which our entire company receives in their inboxes each and every morning.

And outside of work, when I tell someone what I do, they often respond “Oh, I LOVE ZocDoc!” Then they typically go on to share their story about how they really needed to get in to see a provider and first discovered ZocDoc. We typically helped them out in a time of need. People remember that, and I love being part of a team that gets to deliver in moments of real need.