Settrax tracks hospital equipment and keeps patients safe with Twilio 2FA

Settrax has transformed an entire industry with pioneering technology that manages the flow of millions of dollars of surgical and medical equipment in and out of hospitals. Lives literally depend on Settrax’s secure authentication and compliance process, which is why Settrax depends on Twilio 2FA.

An antiquated process ripe for innovation

Every day across the U.S, millions of dollars of medical instruments, implants and devices flow in and out of hospitals, surgery centers and medical device companies. Until Settrax came along three years ago, these facilities depended on teams of people to manually intake, track and release thousands of trays of critically important medical instruments and equipment, all while meeting strict compliance standards. “Hospitals were dealing with 50 or 60 year old manual processes. It was a very antiquated system, ripe for innovation,” said Settrax founder and CEO Brad Lindenmayer. “Someone needed to bring technology into how hospitals managed instrument and implant inventory. There’s lots of money involved, lots of mistakes can be made, and patients are affected by it.”

Settrax’s groundbreaking cloud-based software and kiosk hardware have transformed the way that medical inventory is managed today. “Medical equipment is constantly in flux, going in and out of hospitals and surgery centers. This matters, because the tools coming in from other places are used on people in the operating rooms,” said Lindenmeyer. “It’s a huge logistical ballet to manage the constant flow of instruments through an antiquated process– what we do is modernize that logistical ballet.”

When inventory comes in, it gets run through Settrax’s standalone kiosk which tracks and weighs materials, prints out labels, and monitors the equipment journey from end-to-end. “Our software powers the entire process,” said Lindenmayer. “It even looks for missing items by using a sensitive scale, so if an instrument container weighs more or less than it should, we will flag it.”

The problem of users skirting compliance and cutting into revenue

Now established in 54 hospitals with over 5,000 registered users, Settrax has tracked more than 100,000 surgical cases in the past year alone. Even as the company grows quickly, they haven’t softened their focus on compliance and security. A big issue Settrax ran into early on was that not everyone who used the Settrax system was actually a registered user. When they discovered that some users were sharing accounts to avoid cost and compliance tracking, they knew they needed to resolve the problem quickly and securely. “This was a huge problem. We knew from the get-go that security is a major concern when working with anything in healthcare,” said Lindenmayer. “We needed to safeguard important hospital and patient data, and ensure that inventory managers were not sharing their user login with anyone else for any reason.” So they implemented Twilio 2FA as an essential part of the Settrax system.

“Security and two factor authentication is crucial to what we do. With 2FA we can register more users, but our main objective is to keep data secure and ensure that the person of record managing of critical medical equipment is who they say they are. 2FA lets us do that,” said Lindenmayer.

Choosing Twilio 2FA for flexibility and responsiveness

After checking out other solutions like Google Authenticator, they chose Twilio 2FA for its flexibility, and responsiveness. “Part of running a startup is that I need to know I can call someone quickly and they’ll handle it,” said Lindenmayer. “In our business, we are dealing with critical workflow where there’s a real person–a patient–involved. When we started working with Twilio, they were very responsive. That made up my mind; my confidence was in working with the Twilio Account Security team and I knew they would be there when I needed them.”

Getting up and running with Twilio 2FA, a seamless operation

Settrax exclusively uses Authy—now part of Twilio Verify—soft-token for authentication. “We would love to use one-touch or text, but soft-token doesn’t need an internet connection to function in our kiosks,” noted Lindenmayer. “Our kiosks are in out of the way places that might be five stories underground, so there may not be cell phone or internet access. We needed a solution that didn’t need connectivity to work.”

Lindenmayer and team rolled Twilio 2FA out in a staggered fashion so they could get all users on board with the new process. They first implemented 2FA with a small group of 50 users, and monitored it for a week to see what issues might pop-up. “We actually prepped our users over months to get them ready,” said Lindenmayer. “We had to deal with a lot of users calling in who wanted to opt out, and we needed to be ready for our support people to justify the benefits of moving to 2FA. We needed our customers to know this was a critical component to meeting security and compliance standards.”

What’s next for Settrax?

We’re expanding quite a bit,” said Lindenmayer. “We’re adding new features, continually expanding the market, and now we’re finding other industries are curious about what we do because our model can be applied to a number of verticals.”

That’s not to say that Settrax is leaving the medical device compliance behind. In fact, MD+DI (Medical Device and Diagnostic Industry), a leading authoritative website in the industry, recently published a nice expose on how Settrax uses Twilio 2FA to combat account piggybacking and improve medical device compliance and tracking.