According to Chief Information Security Officer Adin Stein, Rune Labs is a platform and service provider that aims to help people with Parkinson’s and other neurological conditions.
The company works in two major capacities: supporting drug manufacturers through clinical trials and patients and clinicians through direct care management. With Rune Labs’ technology, patients can receive better and more tailored care, while life sciences companies can expedite product development and delivery.
As the company grew, Rune Labs realized it needed to comply with complex regulatory frameworks — particularly the Health Information Trust Alliance (HITRUST) e1 certification — because of its involvement with sensitive patient data.
“This is the first time Rune Labs has sought a HITRUST assessment,” Adin explains. “The process itself is a little bit opaque.”
Thus, the company needed a trusted audit partner who could navigate the intricacies of HITRUST while helping them set realistic timelines and expectations with internal stakeholders. Additionally, staying within budget was an obstacle.
We’re a relatively small company, and our budgets are not unlimited,” Adin adds. Most importantly, Rune Labs required a partner who understood their needs and aligned with their commitment to data security and privacy.
Rune Labs ultimately chose Insight Assurance to help simplify the HITRUST certification process. Insight Assurance’s consultative approach clarified necessary steps and controls, offering tailored guidance throughout the engagement.
Open communication was a cornerstone of the partnership. Using Slack and Teams, Insight Assurance ensured seamless collaboration, allowing Rune Labs to ask questions and receive real-time feedback. Critically, their expertise in platforms like Amazon Web Services played a big role in aligning Rune Labs’ operations with HITRUST’s “spirit of the control” requirements.
“When the team would ask for evidence, it was put in a language that made sense to us,” explains Jaswant Pakki, Senior Security Engineer. “I think that alleviated a lot of stress when it came to the process of gathering evidence and putting it into MyCSF.”
By acting as both an assessor and a partner, Insight Assurance helped Rune Labs refine its documentation and ensure its processes were compliant without compromising practicality.
Ultimately, the partnership with Insight Assurance enabled Rune Labs to achieve 100% compliance across all HITRUST controls. Not only does this clean report validate the company’s commitment to data security and privacy, but it also benefits Rune Labs customers.
The partnership with Insight Assurance enabled Rune Labs to achieve 100% compliance across all HITRUST controls.
“It enhances our product and provides our customers a level of trust in the sales process,” Adin explains. “It helps expedite some of the security assessments they may already have to do. Sometimes it also eliminates the need to do a deep-dive security assessment.”
From a business perspective, achieving HITRUST compliance has made a tangible difference. As Adin says, “This really moves the needle for us in terms of our commercial pipeline.”
Whether you’re a two-person team or a global enterprise, our team of former Big 4 auditors brings the same level of quality and care to every engagement.
Let’s simplify compliance — together.
Share This Post
Share a few details and our team will be in touch shortly to schedule a friendly, no-pressure conversation—no obligations, just answers.