Ostendio was formed to solve one of the key challenges I encountered in my previous role as the COO and CISO of a successful healthcare IT company.  It was difficult enough to persuade large healthcare corporations to take a chance on working with a smaller, more innovative technology company, never mind convince them that we could be trusted to reliably protect their sensitive data.  While keen to leverage emerging technologies, these typically conservative institutions will not risk compromising their internal security and compliance standards.  Therefore it was always a challenge to convince them that we could be trusted. Ostendio’s MyVCM was created to help solve that problem by allowing companies to more easily develop an effective security and compliance program, and more specifically, give them a simpler way to demonstrate this to their customers.

Work began on the development of MyVCM immediately after Ostendio was founded in August 2013. By October of that year, Ostendio had the core elements of the product outlined and in development. The beta version of MyVCM was launched on March 1, 2014 with a handful of companies pre-provisioned. In fact, the first order for MyVCM was placed in early February 2014 almost a month before the official beta release.

Ostendio now serves a broad range of clients who have become members of the MyVCM Trust Network including healthcare providers and practitioners, digital health companies and medical device manufacturers. The platform is in Version 2 release and supports a broad base of capabilities across workflow management, vendor risk management, asset inventory, audits with transparent dashboards and robust reporting.


Grant Elliott, Founder and CEO