Episode Transcript
[00:00:01] Speaker A: You're listening to the Doc Lounge Podcast. This is a place for candid conversations with the healthcare industry's top physicians, executives and thought leaders.
This podcast is made possible by Pacific Companies, your trusted advisor in physician recruitment.
[00:00:21] Speaker B: Welcome back to the Doc Lounge Podcast. I'm your host, Stacey Doyle and today we're excited to introduce a guest whose work sits right at the intersection of healthcare innovation and real world impact. Gezenfur Mansour, CEO and Founder of Technology Rivers. Gezenfur is a leader in building AI driven HIPAA compliant software solutions for startups, clinics, digital therapeutics and healthcare organizations nationwide. With more than 15 years of software innovation under his belt, he specializes in taking big complex ideas and turning them into usable, scalable products that actually move the needle. What makes Gemper stand out is his grounded operator's perspective. In a world filled with AI hype, he focuses on what really matters. How technology can improve patient care, streamline operations and help mission driven companies grow without losing sight of outcomes. If you're passionate about innovation in healthcare, this is a conversation you won't want to miss. So welcome to the Doc Lounge.
[00:01:18] Speaker C: Gazemfer G. Thanks JC for having me.
[00:01:22] Speaker D: Well, your background is really fascinating and I'd love just to have our audience get acquainted with all that you've been working on and kind of how you.
[00:01:32] Speaker B: Got into really this health tech space.
[00:01:34] Speaker D: That you're in today.
[00:01:36] Speaker C: Absolutely.
So I run a healthcare software development company. We help businesses improve operations through AI and technology as well as building HIPAA compliance software products.
So my own experience started with tech, I have a computer science degree and then before starting this business I was involved with two startups as early engineer build my own SaaS platform which was on the recruitment side similar to your domain.
And then I did some consulting with Veterans Health Administration. That's where I got into the Veterans Health.
So learn about HL7 and that kind of stuff.
I started business in 2015.
Our second customer was with HealthTech. That's how we learned about HealthTech. So then we did one project with a startup which was funded by Hopkins Innovation center and that's how we started getting into that's where we learned hipaa and that's when we started the journey of building HIPAA compliant. As of today we build about 50 healthcare applications, web mobile across the board and about 50% of those are HIPAA compliant.
And now lately obviously a lot more focus on AI because a lot more demand for building AI based application and that's becoming another, I would say discussion point in any of those conversations when we Talk about healthcare and AI is definitely one of the topics that comes in.
[00:03:15] Speaker D: Well, it sounds like you're and I and I know from reading about all the work of, you know that your company does, you guys are really leading the forefront with this HIPAA compliant AI kind of the merge of the two.
So tell us what does that actually mean in practice and where are you seeing some companies get that wrong?
[00:03:38] Speaker C: So HIPAA obviously has a set of standards. It's when it started it was obvious traditionally with a paper based everybody's in the office. So how do you secure that data?
Later on as the Internet came, obviously Internet web applications then became mobile. You could lose your device anywhere. So obviously there are different rules that came to enforce. Make sure that if you lose device or if you leave it anywhere, make sure you don't lose that data or whoever is accessing the phi data, it makes sure it's secure.
There are rules. And now obviously with AI things are even changing. People are blindly putting the data on AI and any data that you put on AI is being used by AIs to train. So obviously that's a scary part.
So as we are moving into this world, we have to make sure the data reporting on the AI follows some rules and regulations. Otherwise you are a risk of making that data public.
So there are many different strategies. Obviously I won't go more deeper into that but I think at the high level you have to know like there's a data, you have to make sure what data, you have to anonymize the data, you have to make sure the encryptions, you have to have authentication and those rules and then who's accessing the data. Even if the if your LLM, your AI is using a data, they have to sign the ba. So like you aren't going to put the data with any of the LLM without having them sign ba because once they sign the business associate agreement then they are required by law to follow certain rules like no data retention policy, not data being used for training on. But then there is architecture, we call it that architecture allows you to have your internal data or private sensitive data stay in a different database and you tokenize the data.
And then LLM is your AI is only searching the limited data what is relevant. So you filter the data first, do the searching. So it's a strategies that are being implemented so that your data is limited, exposed and then obviously still follows.
So those are the strategies that you need to know I think and this is where not everybody's familiar with how to do that. A lot of this notion of oh, the AI is not secure and then only let's say for example different company may have different LLMs approved, for example, could be copilot, could be another world Claude, but it's not just using one or other, it's the process that you have to follow. Let's say having that LLM sign the ba, following the rag architecture that makes sure that, having the audit log, making sure who access the data, when, where, those kind of things, all those things. If you know that process, then you can make that application secure. And in our business we have HIPAA compliance checklist. That checklist is important and that checklist is different for different people, for developers, for project managers, for qa, because each person has to look at the things from a different angle. So we want to make sure that data is any application that are being built follows a standard process to make sure they are secure.
Additionally, there are other strategies that could be employed as well. You don't always have to use a public LLM, you could use a private LLM and we can go deeper in that if needed.
But the bottom line is there are many different strategies. You just have to know what you're doing.
[00:07:39] Speaker D: Well, thank you. That really is a great, I think educational overview for our listeners and our audience. So I appreciate that.
[00:07:47] Speaker B: But I want to give you the.
[00:07:49] Speaker D: Opportunity to really explain how you work with healthcare systems or physicians because you really help.
I know that you've helped private practice physicians scale their business and I think you talked about 10xing their growth. So, so tell us what does that look like? How are you typically working with your clients?
[00:08:12] Speaker C: Okay, so I will talk about there are two different things that I would say two different types of work that we do. So I'll talk about. So the number one, we work with health tech companies, physician entrepreneurs building HIPAA compliant products.
So many of our customers are either active physicians or physicians who are moving into the tech. They have an idea, they want to build a product and we are helping them build those products. So like for example on demand doctors and nurses, fertility tracking, medicine adherence, platform provisioning, credentialing, people have ideas. So 50 different ideas that we have implemented in the last 10 years, those ideas are based off of physicians experiences in the work field. Like another one is UTI prescription app. So all of those different experiences based off of that they come to us were the people who not only know hipaa, we also know mobile, we also know the development. So while we are talk, while we are on the mobile, I also want to mention that I have a book on the mobile which is called beyond the how to build mobile app that people love, use and share every day. I've been involved in mobile since 2000, even before iPhone and Android. So based on those experiences, I wrote the book on the mobile app growth strategies. There are 32 different strategies that we share, including three different case studies from different apps who had grown. Because building an app is easy, but retaining those apps is a bigger challenge. How do you make sure that people keep using, using those apps? And that book also covers AI, that book also covers some healthcare. So anybody building the mobile app, it's important to look at that book as a guide in terms of building.
So second part is 10x, that's the other one that you mentioned. We work with home care, autism care, types of companies, healthcare services, business, improve their operations through AI and technology.
And so if you look at it, all these service businesses, whether it's a home care, autism care, assisted living, many of those, they have a lower valuations.
So what is your differentiator compared to your competitor?
Is it a better service, is it a better sales, better people? No. Many times yes, that would be a differentiator. But if you're using technology that would make your business grow much more faster, it will bring more efficiency, that means more revenue, more profit and better growth. So the goal is to build a system powered business rather than a people powered. So that's the push we have. So if you have a proprietary technology, not the one that your competitor has, but something unique and that doesn't mean building a full another suite and dropping all the existing software, it could be, it means identifying bottlenecks in your business processes, identifying manual tasks, what are the things from start to an end that if we could improve, bring more efficiency. Could be a documentation, it could be your triage process, it could be your scheduling, it could be your note taking process, it could be your patients following up and calling up and asking for for example doctor's advice. It could be giving some, some kind of attack for your patients to communicate with doctors along with the AI. Like this is another thing that we have seen a lot more coming nowadays like personal health prediction. Like people want to build those applications where you're loading, let's say personal health data like blood work and other data and have AI give you a recommendation. So a lot of those type of applications demands are coming because AI is doing so much. So with all the data in a different domains that we have, how can we use AI to simplify, to improve that Prediction and it does not mean that you just rely on.
It's not same as just loading that in ChatGPT, but it's about having those specific instructions and along with the doctor's I would say consultation. So the AI is coming for doctors so that they can review and give improvements rather than just patients are getting those direct recommendations, which is obviously not a good idea.
[00:12:57] Speaker D: Very fascinating. And I know that you've had a lot of experience working with healthcare systems and physicians. So tell us where do you see software and I and excuse me and AI projects fail. Like what are some warning signs leaders should watch for that it means they need to reach out to you. It's not going well.
[00:13:22] Speaker C: Based on my understanding, about 80 to 90% of the AI projects are failing because there are so many reasons I can't go into all of those today.
Even before AI, many projects were failing, but the AI is making it more and among many reasons, it's really not a clarity of what you want to build. There's a lot of misconception about AI that oh, AI is magic, you just give a data, it will give you everything. No, it's not that easy. There's a lot of hallucination in AI. Remember the architecture I was talking about when it comes to your personal sester data? So that data that can only that would solve the hallucination problem. Have you ever, let's say whether it's AI, have you ever got a response from AI that says okay, I don't know the answer to this one. Surprisingly not like anything you say, they'll say, well oh, this is a great question, you did great. Or it is the answer. The default mode of AI is you ask a question, it will give you even if it not it will make up for you.
But that's not in the real world you want. That's not what you want in a healthcare. You want the results based on what your data is. So the default hallucination is obviously a bigger problem. So that's where your own data makes a difference. But then how do you make the data into that so that the results that you are getting are more accurate closer to how you warn and how your users warn. Right. So understanding how AI works, that's important.
Most people think it's like a plug and play. Like it's like you know how you go in ChatGPT, you drop your document or add a comment and you get the response, yes, that system is already built, but that same plugin is not possible that oh, I attached the ChatGPT in my application it already automatically start querying. It is possible, but that's not what you want because that's already happening on ChatGPT.
So when you are building it, you have to have a specific role. Like what? You have to train the data.
So another myth is that AI would just give us accurate result. No, it's mapped to your data. If your data is not good, you're not going to get the right result. So it's important that you clean up your data, you map the data to your processes and then give it to the AI. AI will give you the results based off of what you have.
It will give you the recommendation based on your knowledge base. So your knowledge base, your internal data needs to be clean and good.
And lastly, AI, one of the hypes is the AI is just cheap.
Well, one of the recent project fails is you look for oh, cheaper ways but that doesn't mean you just add the data. And again that's where the risk as well, like the cheaper implementation would be just use AI, drop everything and get the result.
Guess what? You already gave your data. So once you start following that process, it's not. And the AI when it comes to training the data, that's where the costs start coming because it's, it's not, it's not cheap.
[00:16:46] Speaker D: Right, Right.
So let me, let me give you an opportunity. Tell us a story or real world example of where AI really meaningfully improved patient care or operational efficiency.
[00:17:02] Speaker B: Give us an example of one that you've built.
[00:17:11] Speaker C: So multiple. Yeah, I can talk anonymously or some of this. So for example, so on a personal health side, let's say, so like you upload your lab results, you upload your, let's say WASH data, your DEXA scan, your fitness data, any of that data you load that AI can do a deep research and give you a recommendation.
In the past that effort was like somebody would review it, somebody would give your, let's say there's a manual process of evaluating those documents and then providing a recommendation. Yes, the doctors are still reviewing it, but now that process is much more faster than it was before. It would pick up many things because in order to read that report it would take a lot of time and that time would obviously that means that time would add a cost to your processes.
So that's one of the system, another one we build. It's a doctor's consultation where from doctors to doctors. So you have a problem or you have something to share. So you put it out with your network of doctors, they will review it and give you recommendation based off of their experience. So there's AI recommendation first and then others doctors recommendation. So overall that process again because the data that AI has based off of so much other external sources, PubMed and many other sources where you're getting that data plus the other in house expertise of people who are experts. So combination of that makes a huge difference. So now you're getting a lot more valuable data. I would say it converts because it's empowering you and you are able to be a lot more productive. So that makes a huge difference.
May not necessarily be converted as is in terms of the money, but obviously that output definitely makes a huge difference.
[00:19:31] Speaker D: That's, those are two great examples. And I'm sure like you're saying, I mean that's, that saves a lot of time and that really creates a lot more efficiency and that allows physicians to spend more time obviously you know, focusing on what they need and more in person, you know, interaction with their patients, which is, which is great.
I know that there's, I mean how do you keep up with all the regulations now with, I mean you got HIPAA and then AI is moving I feel like even faster than you know, regulation can keep up with.
[00:20:04] Speaker B: So how do you stay on the.
[00:20:06] Speaker D: Pulse of things and make sure that you, you know, are on top of it for your clients?
[00:20:12] Speaker C: So that's obviously is one of the demanding work, it's a challenge so you have to stay on top. So that requires us to be, continue to be learning. So we as a company, we get together once a week and we have our AI goals, we review it, we come up with different training for our team members, different tools. So we have a money allocated for in our company that anybody can buy a tool of a certain price and for any of the work. But one thing we encourage there is like don't buy the same tool that others have. So you don't want everybody to be spending money on the same tool. What I would like to see is seeing more of a difference is there are five different tool, different people evaluated. So we can see the differences. The same goes on obviously as you said on the regulations, the AI part is the one that's moving way more faster and different tools, different challenges. Regulations are moving actually slower than it should because the worry is like the HIPAA rules obviously are older, they need to be updated along with the new technologies coming so that you can keep up with those.
But at the same time we as a company are learning a lot of those and coming up with the improvement based off of learning that we have based on different projects, different customers that we talk to, different regulation, different documents, different learnings that we have. But yes, it's an ongoing challenge of staying up to date.
[00:21:50] Speaker D: Fascinating. And it sounds like you guys really have a strategic approach there to be leading edge, always on top of the latest and greatest in terms of regulations, which is amazing.
I wanted to ask you, sitting in the seat of a physician or clinician, what should they know before partnering with a development team if they're going to go ahead and build a digital tool or platform?
[00:22:18] Speaker C: I think more importantly is really figuring out, really talking to them and understand that they understand the hipaa. They understand because everybody says we can do it, but do they really know it? So when you see somebody has that many projects under their belt, I think more importantly getting more deeper into it.
So looking at their process like how do you verify this application is HIPAA compliant? Show me your checklist how your QA verifies this, how your requirement person require finds this, how your PM does this, how the developers do it. So one of the things for example in our like so for example you have a requirement document the requirements may be missing because the requirement may just say the application needs to be HIPAA compliant.
Nobody's writing these are 20 things. But the traditional way the QA will look at it, okay, HIPAA compliant, secure. Well, secure is not enough.
So that's one of the 10 other things. So you want to make sure there are specific steps that they follow. So in our business, let's say if it's a HIPAA compliant, that means automatically these 10 things are already added in the requirement, whether they are explicitly mentioned or not.
Like for example the audit logging, the authentication, the authorization, some of those the log or the face ID if it's in case of a lot of those things are by default enabled because and but that can only be if it's part of the training. In our business we also have a requirement that every person has to go through the healthcare HIPAA training because once doesn't matter whether it's a PM or any new role, so they go through then they understand what it is.
So any vendor that you are working with, you want to make sure that what is their process, how they are building it, how they're testing it, how they're ensuring it's HIPAA compliant. So once you know it, once you see that process, you will automatically get.
[00:24:25] Speaker B: More.
[00:24:28] Speaker C: More credibility, more trust with with those and then another part is obviously just like a traditional any vendor when because for Every app, everything you do, you always have a lot of different people claiming that they know but really seeing their work, talking to their customer makes a, makes a difference.
[00:24:52] Speaker D: Love that. Thank you for, for that. I think that will be helpful for any entrepreneur that's listening, that wants to get into, you know, and start making you know, either it be a full time job or really full time new opportunity or if I a lot of our physicians and apps will do something on the side, you know, have a project like this going. So I think it's great knowledge and expertise that you're, you're giving them which is, which I really appreciate.
So tell us, I mean where do you looking ahead, where do you think what part of healthcare is most ripe for a real meaningful AI transformation in the next few years?
[00:25:37] Speaker C: There's a lot of innovation happening in the healthcare.
I believe the workflow automation is going to be one of the major one. That's where a lot more innovation is happening. So your typical business processes, that's in your business, hospital practices, wherever those workflows would need to be automated and that's where a lot more innovation happening.
AgentIC AI just the AI agents that are coming faster. So you have an opportunity. You can either in some case I would say the commoditized models you can just always buy. You don't have to build.
But I think the differentiator will come in where you are creating, you are creating you, you're creating agent for the workflows that may be unique to your businesses and that's would create more differentiation for your business as well. So, so the AI agents agentic and agentic, I'll go a little bit deeper on that just to mention that agentic is, it's not really just you can say that the agents are more of a. You have a rules and they're pro, you are created. But in agentic you also have AI making a decision on your behalf because it's not really just it's understanding, it's learning your system along the way and then give you a recommendation not just following what you are telling. So obviously there's automation, there's an agent and there's agentic. So yes. So I would say on the agentic, on the agent side, more specifically within the hospital or healthcare workflows is the one that's going to make a huge difference.
[00:27:37] Speaker D: That makes a lot of sense. So yeah, the efficiencies that they can, they can gain from AI coming in and helping streamline those processes.
So I want you to give you an opportunity against first to just let everybody know how they can reach out.
[00:27:52] Speaker B: To you, how they can partner with you.
[00:27:55] Speaker D: And you know, obviously you know, I'm assuming that you, you're taking on new projects, but let us know.
[00:28:02] Speaker C: Yeah, absolutely. So my company website is Technology Rivers R I v e r s.com and then my personal website is cassandra.com my first name. You can find my podcast there as well. Lessons from the leap where I talk with other entrepreneurs in terms of the projects.
Reach out through the website or my LinkedIn. My name, just search my name on LinkedIn. Very easy to find as long as you have the right spelling for my name.
So yeah, reach out through LinkedIn or through the website.
We'll happy to share more details about any of the projects. It is very likely that anything you are looking we may have done something similar in that space. Not necessarily the exact project, but we have done many different applications. So love to explore further with anybody who has a need. And you mentioned earlier that most of the physicians in your network are looking for a side opportunity and this could be another big thing. Yes, there's some investment, but building that proprietary tech, building that idea, whether it's web or mobile, or even creating an agent, you know your space.
If you can identify a gap in the space, we could be your partner in terms of building and executing that product for you.
[00:29:39] Speaker D: Fantastic. Well, TechnologyRivers.com will link that and obviously link out your personal website and your LinkedIn. So anyone that's listening can get ahold of you. And it sounds like you have a ton of experience in health tech. You can help physicians, you can help healthcare systems. So you really are the expert and, and can help anybody navigate through HIPAA compliant AI. So that that's important. So thank you so much Kazen for, for being on today. We really, really appreciate your time and all your insights.
[00:30:13] Speaker C: Thank you for having me. It was pleasure speaking to this podcast.
[00:30:18] Speaker A: Thank you to all of our listeners. If you would like to be notified when new episodes air, make sure to hit that subs subscribe button. And a big thank you to Pacific Companies. Without you guys, this podcast would not be possible.
If you would like to be a guest, Please go to www.pacificcompanies.com. thank.
[00:30:44] Speaker C: You.
