|
Highland Solutions |
|
|
May 19, 2014 Issue |
||
|
The Most Powerful Name In Corporate News and Information |
||
TECHNOLOGY | INDEX | CONTACT | SERVICES | HOME PAGE |
||
|
Business Automation and Information Technologies for Clear Business Goals |
||
 About
Highland Solutionswww.highlandsolutions.com
Highland Solutions provides
transformative business automation and superior information technologies in
service of clear business goals. |
www.highlandsolutions.com
|
|
|
Interview conducted by: Lynn Fosse, Senior Editor, CEOCFO Magazine, Published – May 19, 2014
CEOCFO: Mr. Nixon, it has been over a year since we have spoken; what has changed at Highland Solutions? Mr. Nixon: We have continued to learn that technology solutions companies like Highland really need to get to know their clients in a way that allows them to understand their issues and concerns deeply and meaningfully. This allows us create a great experience with technology. So much of what has changed in the marketplace tends to be the way in which clients look for technology solutions. Our clients are more informed than ever before. When they come to us, thanks to the power of the internet, what they are really looking for is somebody they can trust and provides a great experience. That is what led us down a path about a year or so ago to begin looking at the issues related to compliance and security within our client base.
CEOCFO: Regarding the trust factor, is it more the technology you are able to propose or the approach you take in presenting it? Mr. Nixon: Definitely the approach. When clients first come to us, what they are really trying to understand is, "Who can I trust and who will listen to me and my business concerns?" We did some research last year with our existing clients, asking them why they do business with companies like Highland. They actually did not know that Highland was the sponsor of the research. Essentially, they came back to three key driving points that influenced their decision to select us. One is that we get to know them—not just getting to know their business needs—but getting to know them, their fears, their emotions and how they are judged. That is a huge part of their decision process. Second is getting to know their business; and that is typically the more standard sorts of themes that you would encounter; business goals, objectives and how the technology they are contemplating can make them more profitable and competitive as well as efficient. Thirdly, which was interesting, was this theme around save me from myself. What they found is that a number of companies that they dealt with which were technology firms, tended to be more "yes" people. They will agree with the client more often than not even though there might be a better solution. What clients are really looking for is our best thinking to help inform their decision, even if that thinking is contrary to what they believe. We have an obligation to be transparent, honest, and to bring that best thinking forward; and when we do, we can be trusted which is a big part of their decision process. You have to be willing to do those three things if you are going to get through the quagmire of technology-informed feature functions conversations of most tech firms.
CEOCFO: What are some of the challenges in keeping current with the regulatory issues, changes are frequent? Mr. Nixon: It changes either because of federal regulation or something happens in the marketplace. Target is an example of that. Something happens that compels people to think about it, act upon it or reassure themselves that they are doing all they can. The issues around data security and compliance I think are many. They are heavily regulated, so you have standards like HIPAA that dictate how protected health information is managed by third parties. You have other industry standards that need to be complied with such as PCI, which is a standard that retailers are expected to achieve. There are certifications that clients want like SSAE16 SOC 2, which is a standard set by the AICPA. There is a ton out there and it moves constantly. When we started getting into this, and clients started asking about it a few years ago, we decided that we were going to take our own journey and try to put ourselves in their position and see what we needed to do in order to be a compliant organization. We started on that journey driven by clients who were expressing concerns over continued cyber attacks, the loss of data and all the other ways in which their systems could be breached. Just recently in April of this year, IBM came out with a study[1] that mentioned that there were 1.5 million monitored cyber-attacks in the US in 2013, which resulted in 91 million events and several thousand incidents. It is growing at a rate of about 12% a year, according to that survey, so this is not a problem that is going away but that is getting more intense. Data security compliance, regardless of industry, is becoming a much bigger issue for companies today.
CEOCFO: Security providers come from different angles with the hardware, software, not when but if and letting you know that something has happened. How do you get through all that noise to know what to recommend to your clients? Mr. Nixon: I think that when companies are grappling with this issue and are looking for help, it is just as important to evaluate the provider or partner that you are working with as it is the technology or the systems. The technology and systems can only do so much: it is the partner that usually is the differentiating factor. The partner is actually working on your behalf and, as such, they need to make sure they know the individual, the company and they need to provide their best thinking on the topic. In reflection, I think we have learned that there is a language to compliance that has to be understood from both the client's perspective and from the partner's perspective. For instance, there is a difference between a breach and a security incident; they may sound similar but they are different. You have to understand the language of data security and compliance in order to create the most effective technical tools and experiential tools necessary to make sure that you are safe and secure. We also believe that in order to build a secure and compliant technical solution, the partner needs to be compliant. Many times a company will go out and hire a firm because that firm has what they think is the right technology and or the right system. What they fail to understand is that security incidents can occur, not because of the technology they deploy or what they do on their side, but because of how the partner conducts their own business. For instance, we build HIPAA compliant technology solutions for our clients, but if we do not manage our own security and our own data and processes properly, we could create a breach of some sort. It is important that clients understand that when you are evaluating your solution, you have to make sure that partner understands it and is just as compliant as you want to be.
CEOCFO: How can someone evaluate without a company like Highland to help? Mr. Nixon: You can ask some simple questions. If you are a hospital for instance, that has to comply with HIPAA regulation, it is important that you ask if the company you are considering is HIPAA compliant. And if so, are they able to engage you with a business associate agreement, which is an agreement where the partner assures you that they will appropriately safeguard your protected health information and align themselves with the same level of responsibility for that information as the covered entity. Look at their operations, visit their company and our just see if they have you check in when you enter. That is a simple way of seeing if they take security seriously.
CEOCFO: Are you able to weed out unacceptable services to help your customers? Mr. Nixon: What we have learned is that in order to be able to provide a real solution for data security and compliance activities you really need to be all-in with the client. This is one of those issues that will often differentiate somebody who you want to choose versus not choose and goes beyond the contractual obligations; you have to share a passion for the issue. Security and compliance is a journey that never ends; and once you are in, you are in. For us that means that everyone in our business needs to be invested, and everyone involved in the clients’ business needs to be invested. They need an interest in creating and maintaining a compliant system. We think that an investment in our own security and compliance measures is an investment in our clients and in the relationships we build with our clients; so we exemplify that passion by the rigor that we use internally to manage our own business. We think that builds a great trusting relationship with our clients. We also think that sometimes a little bit of paranoia is a good thing. You can actually take the fear that people feel about this issue and turn that fear into action: action that is propelled at times by wondering where the next vulnerability lies. You can turn this little bit of the paranoia from negative energy and worry into wind in your sail and actionable activity.
CEOCFO: Highland Solutions was recently named the Three-star VAR Award Winner by SugarCRM. Why the recognition? Why do you like Sugar and how does it help you provide the best for your clients? Mr. Nixon: We were named one of the three-star platinum partners of which there are twenty in the world. We were given that designation for a few reasons. We engage a lot of Sugar clients and build solutions across the country, so we do a great deal of work on the Sugar platform. It is also in recognition of the leadership that we have in understanding client dynamics, for example data security and compliance. We have made a real commitment to take the Sugar platform and making it create value for our clients in unique ways. Even though it is a client CRM system, which typically is synonymous with some sort of sales force enablement tool, we find new and creative ways of using the platform. We think its architecture is consistent and really supports our ability to create customized solutions for our clients. It is a stable system and we like that. We like working with the Sugar leadership team and all the people that support the product. They are responsive to us and supportive of our efforts. It is a platform that we can use as the centerpiece to building out solutions that have to work in certain environments (like a high-security environment). It is easy to use and affordable for our clients. It is a solid platform and a nice alternative to some of the other CRM systems that are out there.
CEOCFO: What is the strategy for the next year or so? Mr. Nixon: We remain committed to this idea of compliance and security both internal to our business as well as with our clients, so we are going to continue to make strong investments in 2014 in that platform. We recently hired a compliance officer, who holds a law degree and a certificate in health law from the University of Pittsburgh. She is also a practicing attorney here in Illinois. We made a strong commitment to continue to reinforce that as part of our practice. We continue to make investments in talented and creative people. As I was just telling another group, in order to create a great client experience, which is why we are here, it takes a combination of good technology, great people and a good understanding of the client to make that happen. We are committed to continue to invest in technology, in our people, and in the patience of time to ask really good questions to get to know our clients well before we do the first bit of work on the solution.
CEOCFO: What is your focus as COO? Mr. Nixon: At Highland, we subscribe to a servant leadership model. A servant leadership model essentially takes the traditional organizational chart and turns it upside down, putting the client at the top. Right next to them are our gifted and talented people that work every day to create a great experience with our clients. It is my job to figure out how to enable them and empower them to do that. I focus every day on ensuring they have the tools, the understanding of our clients, and push aside the barriers that get in their way of creating a great client experience. [1] http://www-935.ibm.com/services/us/en/it-services/security-services/data-breach
|
||
|
|
||
|
|
||
|
Compliance and Security Technology, Highland Solutions, Tech Companies, CEO Interviews 2014, Jeff Nixon, Business Automation and Information Technologies for Clear Business Goals, Recent CEO Interviews, we build HIPAA compliant technology solutions, PCI, standard for retailers, SSAE16 SOC 2 certification, which is a standard set by the AICPA, concerns over continued cyber attacks, the loss of data, ways systems could be breached, data security compliance, Highland Solutions Press Releases, News, Technology Stock, Companies looking for venture capital, Angel Investors, private companies looking for investors, technology companies seeking investors, business automation companies needing investment capital, highlandsolution, highland-solutions, twitter, facebook, linkedin, google plus |
||
