 Hi, this is your host, Saptan Bhartiya, and welcome to another episode of TFI Let's Talk. And today we have with us Shabh Sinha, co-founder and CEO of Integral Shabh. It's great to have you on the show. Yeah, thank you for having me. Looking forward to speaking today. Talk a bit about the concept, the idea behind the company, why you created the company, and then we can also talk about the focus area, what are the few that you folks work in. Integral automates all of the compliance processes necessary to work with healthcare data. So our goal is simply to enable speed in an industry that currently doesn't have it. And what we do very mechanically for companies is there's so many companies who want to work with very sensitive healthcare data and combine it with other types of data sources, such as geographic, demographic, and a variety of other sources in order to get a 360 footprint of a customer or a patient in order to develop better treatments, have more informed messaging, and a variety of other use cases. The problem is when you're working with healthcare data, especially sensitive data governed by regulations such as HIPAA, you have to go through lengthy, manual, arduous compliance processes that are typically human led today in the form of consulting. And I came upon this in my last role where I was at a company called LiveRamp, a public tech company that traditionally focuses on ad tech, but I was in their new incubations unit, kind of like a smaller version of Google X, where we were experimenting with different data and all these technologies in healthcare, and we continuously bumped up against this compliance problem of we have all the right data, we have all the right technology to combine it, but we can't do the thing that we want to do, combine the data until we get the okay from a privacy and compliance perspective. And so I would work with consultants, specifically HIPAA consultants, to come in, take a look at our data, take a look at our processes, engage in a pretty lengthy traditional consulting process every time we wanted to combine a set of data. And then we would finally be able to deliver value for the clients by running analytics or some sort of queries. And so that's how I happened upon this problem. And given that I was doing the manual fixes myself, I realized after two years of doing this, this should be a software such that there is no human layer or there's very minimal human layer and there's an automation there. So integral is that automation to ensure that companies can seamlessly, quickly, and most importantly, compliantly work with healthcare data as quickly as possible for analysis, machine learning, marketing, and a variety of other use cases. When you're talking about leveraging health data for a lot of other things, so talk about the market industry that we are talking about here. There are a variety of companies looking to leverage healthcare data for analysis because it's such a valuable dimension to someone's life. You can imagine your prescriptions, your history of surgeries, all of these very, very important things in your life make for a great analytic profile, especially when attached to the non-medical parts of your life, such as where you live, where you grew up, what kind of food you eat, et cetera. However, we're focusing primarily on life sciences and digital healthcare companies today. So our customers, potential customers, and partners, potential partners as well, range from big pharma, big insurance, as well as series B, series A, digital healthcare companies, and that's primarily because these companies are on the front lines of performing very novel bespoke analytics in order to, for example, aid with clinical trial development and recruit the highest efficacy patients or the people who are most likely to be positively impacted by certain drugs, or these companies already have medications in the market, but those medications are not able to get to the right people, and so the messaging has to be in a way such that you can cater to an audience. So, for example, one of the use cases that we were coming across was there was a drug out on the market that could help a lot of people with a very specific condition, but it was primarily for people in rural places, and you can't just kind of put a billboard in for like a drug ad or anything like that, or you can't just kind of fire off TV ads. You have to have very targeted messaging in a way that reaches people where they are, and so we helped power that use case by safely, compliantly, and very quickly combining a variety of data sets that the client wanted to combine, and so the industry we're going for at the moment is like large pharma, large insurance, and digital healthcare companies, primarily because they are looking to have patient-centric, outreach patient-centric development, and that's what we want to be able to power in a very compliance privacy first way, such that that trust is built with the consumer and they can rely on their data being safely used. As you said, you partner with a lot of companies, you also, this is an area where you may also be working with government agencies, so it's like a private and public sector engagement. Talk a bit about who are you catering to? Right now, we're catering to primarily commercial use cases, so on the kind of government side of things, it's definitely something that's on the road map and the pipeline. However, we're focusing more on private, or I guess technically public companies as well, but private enterprises such that we can make a dent where the customers feel it the most, and so what I mean by that is these private companies are looking to make sure that their treatments are as bespoke as possible, they're reaching the right people for their treatments, and so all of that for us, that represents the entire kind of landscape that we want to capture right now where there's this breakdown of being able to use data quickly and compliantly, and then consumers wanting medications or more informed messaging today, but the company has to wait for compliance approvals, the consumer is kind of in the dark there, and so we want to help bridge that by providing this flexibility and speed that's never really been had, primarily because today you wait on a consultant, they give you eight to 10 weeks of turnaround, and then you can finally run analytics, then you run a business decision, then it impacts the consumer, and so each of those steps is incrementally delayed, primarily because there's no automated compliance layer, or I guess not until today, and so that's where we're trying to service the gap there or bridge the gap there. As you earlier said that even you, when you're working, you're doing a lot of things in a manual manner, and you wanted to automate a lot of things, talk a bit about, because this industry is, if I'm not wrong, quite mature healthcare, and of course, as you said, compliance, it's very well-regulated industry, so why is it that there's a lot of processes which are still manual? Certainly, so I'll go through an example use case, which shows some of the incremental technologies that are there, but really why we exist, because I think we marry a couple of different automations together, and optimizations as well, to be able to create this suite, and I think that's what really gives the entire value to it, so a typical use case that we would service is that a pharma company wants to develop more informed messaging such that more potential customers can understand the treatment is available in their area, or that a new particular treatment has come out, and so they get geographics, demographics, wearable data, which is non-sensitive data, it's not governed by policy, and then they get prescriptions data, history of surgeries, a lot of this sensitive data that's governed by policy, and they want to put this together for a 360-foot print, such that they can understand, who do I best market to, how do I best reach these people, given X, Y, and Z variables, both from the medical and the non-medical life, and so today what would happen is that company contracts a HIPAA consultant, that HIPAA consultant is sent the data sets, is sent the context, there's Zoom calls, email threads, all this kind of traditional consulting process, and then finally the consultant looks at the data, says, yes, this is possible, no, this is not possible, here's X, Y, and Z reason, why here's X, Y, and Z recommendation to change the data set, and then after another lengthy process, the data set is remediated, sent back to the client, the client has then sent documentation for exactly what happened, such that the compliance departments at each of the respective companies can take that and internalize that report and memorialize it, and then the data set is ready to go for analytics, and so by this time we're at 12, 13 weeks at least, and so there are incremental technologies in there where they have product management tools and all of that, the issue is that there's no end-to-end suite of automations until today, where it automates the work that the consultant is doing, so the privacy risk analysis, and the collaboration, so integral steps in today to do both, so how does integral work? Integral is a data product that sits on top of a data storage system, such as a GCP, AWS, those are the most common ones, we also work with custom storage solutions, and we continuously monitor for data sets being uploaded, changed, any modification, and we're this continuous monitoring agent that flags lack of compliance because we're continuously running privacy risk analysis, you don't have to onboard us, you don't have to send us the data, we meet you directly where it's at, and then we flag all the problems via our platform, you're able to fix your problems in a UI, you're able to experiment with different data combinations, data iterations, see your compliance score go down up, whatever the result is, and then once you get to a sufficiently low level of risk, you can hit the go button, and output of our software is the remediated data set, as well as all of the compliance documentation, because we've automated the end-to-end process, we can record everything as we go, and so that's how we build this technology where there's individual points today where there's technology helping, however, there's no end-to-end suite that pretty much powers the end-to-end from meeting at the point of your data to the point of compliance, and that's how we take away human involvement to a certain degree, and then one call out there is that our automations are developed in consulting and in collaboration with our HIPAA advisor, whose name is Dr. Bradley Malin, and he is one of the leading HIPAA consultants for governmental agencies, top tech companies, top pharma companies, et cetera, so a lot of the robustness we have and the privacy risk analysis we can run, we have, because we can collaborate with him so closely as our exclusive advisor. What else are you doing to ensure that you are fully HIPAA compliant? So one, on the third-party resource side of things, we retain both HIPAA and legal counsel, and that's primarily for the reason that we are in two worlds, we are in compliance, we are in data, and so we must maintain that, I think, on the legal front as well, so we maintain pretty robust documentation, robust reviews, and then in addition to kind of maintaining the third-party resources, internally, we have a pretty robust compliance program that ensures all the data that we take in, if that is what a client wants, or should we meet the client at the point of data storage, all of that is recorded as meticulously as possible in a client-facing way, such that they can see all of the processes, all the policies we have, and then one thing to note also is that while we are HIPAA compliant, and have followed the right procedures to become HIPAA compliant and maintain that, we also realize that a lot of our customers have this sensitive data and they don't want it to leave their environment, so we have an offering that takes our software, packs it into their infrastructure, such that no data ever leaves and all processing happens on site, and so I think of our HIPAA compliance program as something that makes people feel very comfortable, and then to take that to another layer, we meet people where they're at and we make sure no data leaves if that's what makes them the most comfortable. We've seen that be the most common implementation, and we're happy to work with that, just given that that is what the industry desire is. Let's look at the ecosystem and market, the changes that you are bringing there. Of course, healthcare insurance, whether it's auto insurance, life insurance, auto insurance is big, they're a big consumer of big data, they have a lot of devices in the cart, how they track, how you're driving and everything else. Talk a bit about how big data is going to have impact on the healthcare industry. I came into healthcare primarily right at the beginning of COVID or right before, and so I was able to observe pre-COVID healthcare data attitudes and then the during COVID attitudes and now the post-COVID attitudes towards data, and one thing is very clear where data-driven strategies have always been a priority for large pharma, large insurance and digital healthcare companies. However, now it's becoming a top one, top two priority in the sense that when there was all of this, the world basically stopped, right? And so when you had to reach consumers in a way they wanted to be reached, that boiled down to how do you understand where consumers want to be reached and how you look at their habits, you look at their preferences, all that is stored in data sets, and especially during COVID, there were both governmental policies and social habits and technological trends that inspired such robust, such widespread data sharing that digital repositories of geographic, wearables, claims, prescriptions, all of these data repositories exploded in data collection because people were so willing to share data and that's something that's continuing today. People are not shying away from sharing their data. I mean, you could kind of think anecdotally how many people in your life have gotten a wearable in the last two to three years. And so just going along with that trend, companies are realizing that there are large data repositories to be able to leverage and they have no problem buying that data. They have no problem analyzing it and integrating it. The piece that comes and slows things down is how do you compliantly do all this such that you have privacy, patient trust, all of that be at the forefront while still moving quickly. And that's why we exist where we can take this massive trend, massive technological tailwind that's happening where all of these data repositories are growing and they reveal so much about consumers in a very helpful way and we can help companies combine that as compliantly as possible. So they can be within the rules and walk the line between data utility, so AKA analytics value and patient privacy. Talk a bit about what kind of value you are bringing to the ecosystem to not only stand out from the computers but also kind of helping other players also improve on their own services. I see that in two ways. One, what we have on our team, just because I haven't gone through the team yet, is a mix of healthcare plus data expertise. So I come from the world of leveraging large data for healthcare analysis, healthcare machine learning workflows and a variety of other use cases. And I was working with the top pharma and life sciences, sorry, top pharma and top insurance companies to do this. And so kind of bringing in that very intimate experience of all the pain points, like that is like a major value on our side of things. And then on the other co-founder side of things, my co-founder and CTO, John, comes from Salesforce data ingestion, sorry, building Salesforce data ingestion products, building large scale data systems. And so with this healthcare data product that simultaneously serves compliance stakeholders, data stakeholders, the team expertise is crafted and I would say like married well in order to have a very seamless execution of that. So that is one thing we see both in sales calls as well as like product usage that stands out. And we've tried to have that that be a big differentiator for us. And the other pieces of this is that we are automating compliance by way of a data product. But as we spread through the ecosystem, we're actually building an infrastructure such that we can facilitate safer exchanges of data. So for example, company X using integral wants to work with company Y using integral. Compliance is no longer this fragmented thing for them where they each have to bring on consultants. They each have to align on methodologies because we're already there as a continuous monitoring agent in their data storage system. Should they want to share data with each other? We can power that data exchange through that standardized and automated compliance in a way they've just never been able to before. So these two things, product plus infrastructure, I think combined to make a very high network effects differentiator as well as companies want to share data with or without us. And so we are making it more seamless because collaboration is necessary. In the healthcare industry, no one entity owns all the data that they need to because of the regulations and the fragmented space. And so for us to be able to bridge together data silos that and to do that quickly and compliantly that represents a massive differentiator and it is our end mission here. And then we start relying more and more on software actually the word today runs on software, but we also have to be concerned about because software, they have bugs that's part of software development. You can not remove bugs from that misconfiguration. Are there a lot of other factors that can, can you also talk about since, you're relying on automation software, the security aspect. So because compliance itself cannot be achieved if there are some security breaches or security threat in the software itself. So how do you ensure that as well? One thing that maybe gets synonymized with automation is like replacing of humans of some sort. And I do think that that's a misnomer only because humans have their value in the process and the technology has its own process. And the security is in my opinion, the marrying of those two concepts. And so for example, our automation is informed by some of the best minds and healthcare data compliance today. And I don't see that ever changing, primarily because the software is great for its purpose, but it has to be architected and designed by people who have an understanding of the space, have been in the space and will continue to see where the space goes. And so for us, we're not necessarily even replacing humans. Yes, you need fewer of them with our automation. That being said, what we're seeing is that humans who typically had to do the work, for example, in my previous role, they can now become overseers. So instead of execution, they can be analyzing to ensure the output or the final process works out to their expectations. And so for us, it is a priority always to maintain human expertise in the form of software because you're right, software does have bugs. However, software is very good at executing when there's a well-defined scope. And I think we have the right team to define that scope. And we work with clients, we work with partners to define that scope as well. And so that's why I think we have the happy marrying of the two where we take humans who have the expertise and we, I would say we force multiply them such that they can become analysts rather than pure execution in a particular workflow. Shab, thank you so much for taking time out today. And of course talk about the company and how you are like kind of solving a larger problem for the ecosystem. Thanks for sharing your insights about big data in the health care industry. And I would love to have you back on the show. Thank you. Yeah, thank you for having me on and I really appreciate the insightful questions. It was a great chat.