Case Studies

Case Study: How Banty Achieved Ontario Health Validation and Verification & ISO 27001 Compliance with Carbide

Case Study: How Banty Achieved Ontario Health Validation and Verification & ISO 27001 Compliance with Carbide

The Carbide team recently had the opportunity to sit down with some of Banty’s leadership team including Co-Founder and Medical Director, Dr. Richard Tytus, Co-Founder and President, Scott Wilson, and CTO, Marc Tytus. Banty’s security and privacy compliance journey includes an early and steadfast commitment to ensuring their company, team, and products maintain security at the forefront as well as an incredibly impressive sprint to achieving Ontario Health validation and verification, along with ISO 27001 compliance. Read on to learn more about how Banty’s ambitious security and privacy compliance goals combined with their team’s dedication to achieving them made for a dynamic and exciting partnership with the Carbide team and platform.

Tell us a bit about Banty and what you do.

Dr. Richard Tytus: Banty provides medical and business video conferencing products that focus on ease of use, top-level online security, succinct productivity tools, as well as customizable features for all subscribers. The company was created during the pandemic when I, like most people in the world, turned to video conferencing solutions to safely connect with family, and friends, and to conduct appointments with my patients. I found that the existing virtual medicine platforms were complicated and unreliable for both healthcare providers and patients alike. What was available simply wasn’t cutting it.

Scott Wilson: As an entrepreneur with several projects on the go, I was also finding the available business video conferencing solutions to not only be frustrating but, at times, an actual barrier to my business operations. Recognizing the gap in the video conferencing industry for both healthcare and business, Richard and I decided to do something about it. Banty was born with the ultimate goal of becoming a global provider of personalized, high-quality, secure and easy-to-use video conferencing, virtual events, and meeting room technology for all industries.

Why is security and privacy important to your company?

Dr. Tytus: Security is everything. When it comes to healthcare information, it’s highly sensitive. Patients need to know that their personal information is being handled properly – in a secure and private way that allows them to feel comfortable being open with their healthcare providers. And developing proper security and privacy has to be properly validated and verified – leaving it up to someone’s opinion isn’t enough. It needs to be audited and certified by a third party.

Scott Wilson: The government has also implemented a lot of rules and regulations in the health tech space to protect patient information and privacy – something we take very seriously.

Marc Tytus: From the get-go, we’ve operated with a security-driven approach that we believe sets us apart as a video conferencing solution, particularly in the healthcare space. Recently, we’ve really raised the bar for what we’re doing from an operational perspective, formalizing a lot of what we’ve done informally by implementing a lot of policies and a lot of procedures for us to meet certain standards like ISO 27001.

Why was achieving OTN validation and verification and ISO 27001 compliance significant for Banty?

Marc Tytus: While we’ve always been committed to security and privacy, recently, we’ve had the challenge of demonstrating that formally. This is why we decided to engage a third party like Carbide – to bring us up to an even higher standard of security and privacy so that we could meet, for example, the ISO 270001 standard and qualify our dedication to security and privacy by meeting these regulated standards.

Scott Wilson: Some people look at all of the tasks involved with achieving security and privacy compliance as a headache. We got excited because we looked at it as an opportunity to differentiate ourselves from others in the industry.

What was the process like for achieving Ontario Health and ISO 27001 compliance?

Marc Tytus: Initially, we approached Carbide with the intent to achieve OTN validation and verification. The Carbide team made us aware of what the general timeline to achieve this would be based on the tasks required – four to six months. We needed to do it in six to eight weeks. We promised the Banty team’s full attention and effort would be directed at this goal, and both of our teams fully committed to the initiative. The Carbide team stepped up and supported us in getting it done. It was a joint effort that resulted in all tasks being completed and ready to be audited in six weeks!

Scott Wilson: As we were being audited for OTN, the auditor pointed out that many of the tasks we had completed overlapped with ISO 27001 requirements. Based on this information, we decided to go the extra mile and work to become ISO 27001 compliant as well. We saw this as an opportunity to add another meaningful and powerful badge to our roster of evidence proving our commitment to security and privacy.

What was your experience working with Carbide like?

Marc Tytus: We couldn’t have done it without the Carbide team. It was a perfect synergy and partnership between Banty and Carbide. We knew our ask was ambitious, but we were willing to put in the time and effort – and we needed a security and privacy solution and partner that was willing to work closely with our team to attempt meeting our crazy deadline. Implementing true security and privacy within a company is no small task, and there’s no “easy button” to get it done – but the Carbide team and platform are the closest thing to an easy button. Their wealth of resources, including subject matter experts with years of experience and qualifications, went way above and beyond what we have internally. They supplemented our in-house team in a way that allowed us to meet our current goals while simultaneously setting us up to meet the required standards as we grow.

Simplify Compliance with Carbide and Speed Up Your Security Journey

Carbide takes the hassle out of compliance by providing multi-framework control mapping, auto-generated policies and tasks, automated evidence collection, and more. Using Carbide, you can streamline your compliance process, saving valuable time and money. Talk with our team and learn how this platform can revolutionize your security and privacy program.