Phillip Pompa – Two Point

Small, family-owned pharmacies seem relics of the past, with modern economics making it a challenge, if not a losing game, for them to compete against the major chains.

As is the case with any market trend, there may be positive and negative implications.

But there’s most certainly a need to safely and securely move data from one entity to another when one of those pharmacies is acquired by a big-box heavyweight. That type of acquisition was where a Chicago firm known as Two Point distinguished itself in a specialty role.

“People may think we’re a health care company, but what we really are is a technology company that serves the health care industry,” explains Phillip Pompa, who serves Two Point remotely from his Texas home as chief legal counsel and chief privacy officer. “Pharmacies, clinics, hospitals, urgent care centers, doctor’s offices—if they maintain patient files, they use Two Point’s services.”

And Pompa brings a unique skillset for aiding the cause, for he’s a rare three-fer: a man highly credentialed in business, information systems management, and law.

Going beyond security

His respect for chief information officers notwithstanding, Pompa reminds that their strength may be in operating systems and overseeing security rather than dealing with myriad rules and regulations for data privacy that result when technology meets health care.

That’s happening a lot these days, with regulations growing as states likely follow the lead of California, which tightened its standards by borrowing aspects from the European Union’s rigid General Data Protection Regulation. Many folks in the technology business foresee, in the not-too-distant future, Congress adopting a broader national code that may supplement the existing regulations of the Health Insurance Portability and Accountability Act and the Health Information Technology for Economic and Clinical Health Act.

If so, chances are that Two Point will already be in compliance. Pompa explains how the firm integrates HIPAA and HITECH Act requirements while migrating what’s known as Protected Health Information for client companies. Whatever data doesn’t fit into a legacy system goes into a web-based archive that can be customized for each client.

Should Two Point host the system, there will be multiple layers of security starting, but not ending, with multi-factor authentication, data segregation, and continuous detection and prevention monitoring, he continues. Should the client opt to retain a legacy system, its security depends on the capabilities of its own infrastructure.

Infotech departments often perceived—sometimes wrongly—as cost generators rather than full partners to an overall operation, most pharmacy chains depend on Two Point’s comprehensive services.

Wisdom worth repeating

“Measure twice and cut once,” Pompa responds, when asked to sum up his modus operandi. Having graduated from Wayne State University in 2001with a Bachelor of Arts in information systems management, he felt a draw toward law. But maybe not just any type of law.

Anticipating the growing need for legal know-how to be mixed with technological acumen, in 2008 he’d earn his juris doctorate from the Chicago-Kent College of Law, which, through its affiliation with the Illinois Institute of Technology, can focus on legal and high-tech aspects that might be beyond the realm of the most elite ivory tower.

Pompa would practice law for the city of Chicago under a 711 license that allows a student to depose clients and go before judges under the supervision of an accredited lawyer. He’d also serve as a summer associate for the Chicago Transit Authority and go on to state court at Chicago’s Daley Center where he’d organize proceedings against owners of dangerous buildings.

He’d also be a part-time project manager and data analyst for Two Point, but when they asked him to take on contracting, Pompa told the executive team that if he were to change roles, he’d have to reactivate his law license. That they’d do in late 2008, bestowing upon Pompa the multiple titles that still include being the only in-house lawyer.

“We seem to do a better job implementing safeguards and conforming to regulatory requirements that some of our larger competitors,” he says. “Since I’ve become full time, we’ve seen our time for contract negotiating reduced. I’m able to go right up to the executive team, determine their risk tolerance across multiple areas, and negotiate the deals very efficiently.”

And the challenges just keep on coming; one of the more recent being states opting to tax technology services.

Various interpretations of a 2018 decision by the Supreme Court only seems to muddy the waters, the justices ruling that South Dakota’s sales tax on internet retailers wasn’t burdensome, but more complex or overreaching laws might be.

Pompa will mull that issue and more from his new Austin house, where Two Point has allowed him to work since December. It’s his fourth home in three years, but one Pompa reckons he’ll reside in much longer than the previous ones. Weekly calls and occasional visits to the Windy City headquarters seem to keep matters running smoothly.

When Pompa spoke with Vanguard in April, he was putting to use another set of hands-on skills, building cabinets and doing other interior work on the new home he shares with his wife, Christine Abuel Pompa, a DePaul University College of Law grad who, since October, has been director of intellectual property for the Austin company YETI Coolers. Previously she served as senior counsel of patents for the Kraft Heinz Co.

“In-house roles suit both of us,” he says, adding that his time in government or quasi-government roles was a valuable learning experience. “I didn’t expect I’d be doing this when I graduated law school, but I prefer in-house to being at a firm. The business side is highly rewarding and you have direct access to all departments.”

And in his capacities at Two Point, he’s able to do his part to ensure a more secure health care system.