It is the end of the road for a promising tech startup CareSync following the discontinuation of the company’s operations on June 21, 2018. As cybersecurity enthusiasts, what lessons can we learn from the way CareSync is handling customer data at this far end of its 7 years of service?
It all started with the departure of CareSync founder and CEO Travis Bond that came without warning. Several rounds of layoffs followed – the company was downsizing to avert an imminent course to its deathbed, but this yielded little success.
A ray of hope
In an attempt to salvage the sinking company and restore its financial footing, the interim CEO Bob Crutchfield agreed to sell the tech firm to Shipt, a grocery delivery company. Shipt founder Bill Smith and his family would buy and fully own the company. It looked like the deal would move forward in what he (Smith) termed as a “very significant financial commitment to the company… to build this company for the long-term.”
Failed rescue mission
This deal flopped, according to information from both CareSync and Shipt. “After 7 years of working tirelessly and closely with our stakeholders to deliver best-in-class chronic care management products and services, CareSync has discontinued its business operations and closed its facilities in Tampa and Wauchula, Florida.” This statement was posted on the CareSync.com website June 21, 2018.
Statements from CareSync revealed that its leadership had made their best efforts to find strategic partners and raise the much-needed extra capital that would help keep the tech startup on is feet. However, these attempts were ultimately unsuccessful – partly due to time constraints, according to the CEO of Shipt.
“A syndicate of investors, including the Smith Family Office, had intentions to acquire CareSync,” Smith said in a statement. “We were hopeful that our support could save the company and would ultimately lead to a successful outcome for everyone involved, including the employees.” He added this: “Unfortunately, the company ran out of time.”
CareSync chief operating officer Joy Powell confirmed this unfortunate turn of events in a final statement that accompanied the filing of a Worker Adjustment and Retraining Notification to the state of Florida. The contents of this notification indicated that all of the company’s 292 employees were being laid off as of Thursday, June 21.
With these announcements, the IT operations that had helped enterprise customers with the management of their medical records for seven years came to a screeching halt. CareSync, which became operational sometime in 2011 and combined technology with data and other services to improve people’s care coordination, would no longer serve these patients who had depended on them.
The Florida-based healthcare technology provider ended all business operations and closed its doors to a huge community of customers following the unsuccessful attempt at selling the company as a last-minute resort to prevent it from shutting down.
The company’s main phone line would then stop accepting calls, with a prerecorded message explaining the situation to callers. In the process, the defunct tech firm provided its former Medicare clients with an online platform to help them keep all of their medical records, appointments, and prescription schedules in a single place. Its message also indicated that the patient portal would remain operational for some time.
Not everything is lost
If CareSync’s assurance is anything to go by, the consumer data in its possession will remain safely protected within its servers and accessible to its members and customers. Apparently, the tech company had taken the necessary security measures around this data to keep it safe even as the company came to a complete shutdown and ceased all operations.
People have questions though – and justly so.
What will happen over the coming weeks or months? Who will be managing the patient portal that has remained accessible to customers and shareholders?
Will it remain secure for the long run? Does CareSync intend to invest additional resources in their cybersecurity software now that their IT solutions are no longer available? And what guarantees do the people whose data is at stake have?
Now that this closure is public knowledge, could hackers take advantage of the situation and start targeting the data stored in this patient portal?
These are all tough questions and it may be difficult to get the answers that consumers are looking for. No one wants to think that their personal information and medical history is out there in cyberspace where criminals could steal it. Unfortunately, CareSync has run out of money and may not be able to provide the excellent cyber security protection that their former customers deserve.
When choosing any tech solutions provider, be sure to do your homework to be certain that you are working with the right people. What is their technology like? What is their track record? What measures are they putting in place to ensure the complete safety of your data? Only after you get the right answers to these concerns should you allow yourself to settle for their service – but not a minute before.