MSPs must rise to regulatory compliance challenges
Data laws and requirements have made regulatory compliance a fact of life for every MSP. Here's why that's a good thing for the industry.
While some MSPs have profited greatly from regulated vertical markets, many others have tried to steer clear of the challenges and risks of regulatory compliance.
But today, that avoidance is no longer possible. Regulatory compliance is a reality that MSPs must confront. The good news is that managed service providers with regulatory knowledge have never been in greater demand.
Everyday MSPs wake up to regulations
For general practitioners, or "everyday MSPs," regulatory compliance has mostly represented an abstract concept, rather than a common concern. They would only hear about it in discussions at MSP industry conferences and on online forums. More recently, however, these general practitioner MSPs have seen regulatory issues creep into their average clients.
That's because various data privacy, security and breach notification requirements affect nearly every MSP today. Data handling laws apply to MSPs and their clients around the world. As a result, MSPs must have a strong grasp on data privacy and security rules to deliver even rudimentary managed services offerings.
Specialized MSPs step up their games
Meanwhile, MSPs with practices for regulated clients must operate at a higher proficiency level than before. Managed services clients in vertical markets -- such as healthcare, banking and financial services, and legal services, to name a few -- now deal with increasingly more detailed data handling requirements.
The challenge for these MSPs is to master both their own internal data handling requirements and their clients'.
Startup MSPs can't ignore regulated environments
New MSPs -- including existing companies entering the managed services profession -- must recognize the regulatory climate the IT services industry finds itself in today.
Gone are the days when MSPs were merely IT administrators and functionaries on behalf of their clients. MSPs must now have a working knowledge of data laws to maintain even a baseline level of competence.
Data laws create opportunities for all MSPs
It would be a mistake to see these changes to the managed services profession as anything other than positive.
When the MSP industry began its evolution back in the mid-1990s, data regulations were much simpler than they are now. Additionally, during that period, customer demand for MSPs had only started to emerge, and MSPs faced far less competition and commoditization pressure. Today, new data regulations create significant demand for MSPs and make them far more critical to customer operations.
The barriers to entry into the managed services market have also changed. In the past, these barriers were limited primarily to cost and human resources. In 2000, the average cost to start a managed services practice ranged from $500,000 to $1 million. Today, the cost barriers have largely lifted. Instead, companies that seek to become MSPs have a knowledge barrier to overcome: an individual- and organizational-level understanding of data laws and regulatory compliance.
Investment in certifications, audits and ongoing training can help MSPs conquer the knowledge barrier, setting them up for success in regulated environments.
About the Author
Charles Weaver is the CEO and co-founder of the International Association of Managed Service Providers (MSPAlliance). Since its inception in 2000, the organization has grown to more than 30,000 members worldwide. Under Weaver's management, MSPAlliance has expanded its reach and influence to include education, standards of conduct and certifications for managed services professionals and companies. Author of the book The Art of Managed Services, Weaver writes and speaks extensively about the managed services industry.