Over the past two years, mobile health applications have rapidly developed, meaning that an increasing amount of personal health data needs to be stored and shared with physicians. This data includes analyses, diagnoses, and treatment plans generated by healthcare providers. However, as this information constitutes private personal data, a critical question arises: Is our personal medical and health data secure?
This poses a challenge not only for each individual but also for the entire healthcare industry. On September 23, 2013, the United States implemented new regulations under the Health Insurance Portability and Accountability Act (HIPAA), requiring applications or technologies that transmit data via mobile devices to comply with relevant privacy regulations to protect patients’ sensitive data. Establishing a HIPAA-compliant data center is both extremely costly and time-consuming. Currently, many healthcare companies are focused on enhancing the performance and features of their products and are reluctant to incur additional costs for HIPAA compliance. This reduces the overall value of these healthcare companies’ products and prevents them from forming valuable, complete feedback loops.
Fortunately, however, TrueVault, a U.S.-based company, has addressed this security concern with its technology. TrueVault is designed to help healthcare app developers comply with the privacy and security standards mandated by federal law, thereby enabling these companies to focus on the research and development of healthcare applications.
TrueVault is a healthcare startup headquartered in San Francisco, USA, founded by Jason Wang and Trey Swann in 2013. According to co-founder Trey Swann, TrueVault provides a secure application programming interface (API) for storing health data and simplifies compliance with the Health Insurance Portability and Accountability Act (HIPAA), aiming to address the headaches that startups encounter when building HIPAA-compliant data centers. So, how does it achieve this?
TrueVault provides a simple application programming interface (API) for storing and retrieving any data from web pages. Instead of collecting file data directly through a user interface, TrueVault achieves this through applications. This enables developers to freely create compliant apps without worrying about the legality of their designs.
In addition to ensuring data security, TrueVault’s greatest advantage lies in its powerful data search capabilities. To comply with the HIPAA Act, apps must encrypt their databases, which means that users cannot search their data within the downloaded app, thereby impairing the app’s functionality. TrueVault’s service not only protects user data but also enables users to query protected data. Companies can retrieve JSON files without limitation, query JSON files containing any binary fields, and directly integrate TrueVault’s search interface into their apps.
TrueVault can store healthcare data from mobile health applications, wireless devices, and even genomic research, freeing users from spending valuable time worrying about data security, performance, and scalability issues. This saves startups hundreds of hours in research and development, as they no longer need to worry about their products failing to comply with the HIPAA regulations. Developers build software on TrueVault, which handles all physical and technical safeguards required by HIPAA, operating similarly to most application programming interfaces (APIs).
TrueVault aims to provide the simplest and most secure way for web applications, mobile apps, and even wearable devices to store sensitive data, enabling the retrieval of protected health information (PHI) in any format. Furthermore, TrueVault signs Business Associate Agreements (BAAs) and maintains comprehensive privacy and data breach insurance policies to safeguard customer privacy and data.
TrueVault is currently experiencing continuous growth and expansion. Since September 2013, the number of enterprises using its services has increased fivefold, with its peak revenue growth rate reaching 47%. Currently, more than 5 million documents are stored on TrueVault’s platform. The company has partnered with nearly 200 organizations, including image32, LifeVest Health, and Rocky Mountain Health Plans, processing millions of API calls each week.
In fact, besides TrueVault, there are other HIPAA-compliant database providers, such as AWS, FireHost, and Rackspace, and they all sign Business Associate Agreements (BAAs). So why has TrueVault been able to rapidly capture the market?
This is because, compared to other companies, TrueVault not only offers superior technology, lower coding costs, and more comprehensive features, but also boasts significantly lower pricing. While other companies charge between $1,115 and $1,500, along with substantial additional fees, TrueVault charges its corporate clients $1,000 per month with virtually no extra costs. Therefore, for the entire healthcare industry, the emergence of TrueVault has undoubtedly greatly reduced the coding costs for digital health apps.
Core Technologies and Products: Technical Framework:
On May 28, 2015, TrueVault released TrueVault Connect. It is an identity management solution that enables enterprises to share sensitive data under the protection of third-party applications. End users of TrueVault Connect allow third-party applications to access their data, while enterprises retain control over data access. Leveraging its sophisticated data access controls and identity management capabilities, enterprises can design and implement granular data governance strategies, enabling them to acquire, exchange, and revoke data through third-party applications—all while maintaining user data ownership.
Enterprises can develop solutions for clients to deliver a consistent look and feel. For end users, single sign-on (SSO) provides a simple way to access third-party applications using existing account credentials, thereby improving service accessibility and the overall user experience.
Features of TrueVault Connect:
1. Add authentication features to the user's app, and tailor services to individual users in minimal time.
2. Allow enterprises to simplify data exchange through third-party applications, enabling multiple data resources to share a secure data warehouse.
3. Full control over user login, using some classic products.
4. Accelerate time-to-market for third-party applications while enhancing the end-user experience.
5. It is an enterprise-grade single sign-on tool that ensures secure data exchange.
The product's users mainly fall into three categories: large enterprises, small businesses, and developers.
Company Origin: In 2013, Trey Swann and Jason Wang founded TrueVault. Initially, their startup idea was imperfect; they simply aimed to store personal data from retailers, hospitals, and other institutions. Consequently, when they pitched at the renowned business incubator Y Combinator, their project was rejected due to an unclear business model and a lack of visible profitability. However, taking advice from their startup mentors, the two decided to focus TrueVault exclusively on the healthcare sector. On September 23, 2013, U.S. regulatory authorities enforced HIPAA regulations, requiring healthcare providers to strictly adhere to relevant privacy laws when collaborating with business associates. The introduction of this policy helped open up commercial channels. Seizing the opportunity created by this regulation, the founders developed the company into a fully HIPAA-compliant healthcare data service provider.
It is precisely because of this that the duo created a legend in the fundraising circle. No sooner had they graduated from the 2014 Y Combinator cohort than they shot toward their target like an arrow released from a bow, securing $2.5 million in funding within just two days.
Financing: In March 2014, the company raised a total of $2.5 million in its seed round, with investments coming from 22 individual investors.
Following the fundraising sprint, TrueVault finalized its investor lineup, which included former Zynga CEO Mark Pincus, NBA star Jermaine O’Neal, IA Ventures, Bill Tai, former general partner at Charles River Ventures (CRV), and Ian McNish, a founding team member of LinkedIn.
At that time, the company’s valuation was between $10 million and $15 million. Currently, TrueVault’s valuation has risen to tens of millions of dollars, and the number of independent investors in TrueVault has increased to 34.
From this perspective, TrueVault has enormous development potential and is bound to have a significant impact on the overall development of the healthcare industry.
(Editor: Zhang Nan)
To learn more about VCBeat’s “Series Report: 30 Most Promising Healthcare Startups to Watch in 2015,” please click the link “Table of Contents for the Series”.