Amir Bormand: [00:00:00] On this episode of the podcast I have with me Sunil Malaya. He is the Vice President of Engineering at Onco Health, and we’re gonna be talking about how it’s different to manage an engineering team in the healthcare industry. Obviously, some unique challenges, some constraints the team has to deal with.
Sunil has a, you know, extensive background in the, in the space, and I’m sure he’s gonna have some great examples to share. So Neil, thanks for being on the podcast. Thank you
Sunil Mallya: so much for having me, Amir. It’s great to be here.
Amir Bormand: Awesome, awesome. Thank you. I guess let’s start off at the top. I’d like to start off to understand, you know, what, what does Onco Health do?
And then, and then secondly, as the vice President of engineering, you know, what are some of your responsibilities? Awesome. So
Sunil Mallya: let me start off with what we do, right. So Onco Health is a digital health company, and we provide digital health solutions that reduce the physical, mental, and physical toll of.
For everybody. Right? So there [00:01:00] are, as, as vice president of engineering here at Onco Health, I oversee a delivery for three of our digital health solutions. And you know, each targeting like certain specific areas right? Within the oncology domain. So there are two big ones, right? So there is, there is one solution that the.
Do for prior authorization, which is basically look at cancer, cancer cases that come, come to us and see if, hey, evaluate the treatment plan that is being you know, given and see if it is the right thing to look for the patients. We look at other stuff like, you know, to see if there are like, you know, maybe cheaper in network providers that the patients could go to, like to save some.
And stuff like that. But you know, that is one of the key platforms that you know, that I won’t deliver for. And the other one, which is very exciting is we recently launched telehealth solution, a telehealth service for cancer patients to manage the mental health and physical, no side effects of cancer.
It’s called [00:02:00] Iris. So we launched in June and that has oversee delivery for that solution as well. Awesome.
Amir Bormand: Awesome. So, lot, lots of stuff. Lots of activity. I like that. And I know you have a background, you know, you have a pretty deep background in health. And a topic we’re gonna be chatting about is some of the, you know, differences.
You know, actually managing a team and delivery within the healthcare industry is a little bit different. And I think, you know, with, with your background, I think you’ll have great insights, you know, at at, at the highest level. Maybe you could just kinda give us a little understanding of, of what your team is made of in terms of, you know, who, who do you manage?
Are they all software engineers? Are you Matrix, just to understand some context. Yeah, sure.
Sunil Mallya: So I mainly manage a team of software engineers. Right? And the way we have structured is them into feature teams, right? So we. For each product, right? We have anywhere between one to three feature teams which work on delivery for the product, right?
So all the software engineers are reporting to me [00:03:00] and you know, that is how we are kind of structured. We follow the agile release process like most, most folks do. And we have like 15 day sprints and lease usually on a cadence like every 15 days inter production.
Amir Bormand: I guess, you know, maybe help us understand, you know, in terms of when we talk about, you know, managing an in, you know, engineering team in the healthcare industry, you know, let’s say I’ve, I know nothing of the healthcare industry.
What are some of the things that stand out, some of the, the key challenges that, that you’re like, if you’ve never been in the healthcare industry, in, you know, obviously maybe you’re a senior IC or a manager, but these are some of the things you see every day, or just some of the, some of the common challenges at the highest.
Sunil Mallya: Yeah, I think one of the key challenges, right, is that you’re dealing with sensitive information. Right? Here you are dealing mostly with sensitive personal healthcare information of you know, especially cancer patients. So there are certain data access restrictions that our [00:04:00] customers, and, you know, in general we have to follow HIPAA regulations as well, which means that, you know, the data has to be store transmitted and accessed in a certain way, right?
And there. Additional contractual restrictions that the customers might put in place, which prevents us from, you know, ha like, for example, contracting workers outside of the us right? So those are certain restrictions that we have to deal with. So we, we have to like ensure that, you know, if we have like offshore team members working with us and, you know, those folks cannot have access to P data.
So that means that, you know, you have to put some kind of re-identification process in. To ensure that those folks don’t get to see the us, you know, US based customer data. So those are certain challenges, right? So that prevents us from leveraging offshore resources to do a troubleshooting or, you know, production related issues.
So if a large part of your team is there, is, there’s out of the us, then it becomes a problem. But so, [00:05:00] As a, as a director or as a vp, you have to make sure that, you know, you have adequate staffing in place in the US right? To cover for all of those scenarios, right? To look at production issues and all that.
The other challenges that we see is that, you know, some of the software that we use to process phi, like for example, let’s say if we want to make outbound automated outbound calls, right? And then we want to use use a third party vendor, you know, to do. We want to, you know, we cannot just pick and choose any vendor, right?
So the, we have to make sure that the vendor that we choose is HIPAA eligible and is HIPAA compliant with the, all of those regulations, right? So they, there are certain regulations that HIPAA puts in place, right? The data like has to be, you know, encrypted for example, right? It has to be located within the us The service have developed in the US the call centers have to be within the us right?
So there are certain restrictions that that customers and regulations. Would want us to adhere to. So [00:06:00] whenever we pick and choose a software or a third party vendor, we have to ensure that, you know, that is done as well. So those are at least a couple of examples that I can think of. Right. Which are right off the top of my mind.
One more thing that I would also say is there are state regulations, like in addition to, you know, maybe we can cover that later. I think the state regulation as a part of FBA regulations,
Amir Bormand: that is. Absolutely. I, I guess something interesting you mentioned there about, you know, staffing on teams, obviously some of your options, you know, they’re, they’re, they’re a little bit more limited.
If you were, you know, not within the healthcare space, you know, you didn’t have to worry about P h i hipaa, you obviously have a little bit more flexibility when you’re planning out your team’s, you know, delivery capacity. Obviously you, you know, these going into it. How do you plan around knowing that you need to, like, if you needed to, you know, spin help quickly, that offshoring isn’t an answer.
Like how, how is that taken into account? [00:07:00] Yeah,
Sunil Mallya: so what we do when we go into sprint planning is to reserve a part of the capacity for production support and, you know, bug fixers and in general, like, you know, as a tech reserve, right? So usually some of our onshore members, what we do is we take 20% of their capacity every sprint and reserve.
Because we always know that, you know, there will be something that comes up in production or there is sometimes a need for us to quickly react and maybe design something very quickly. So it makes sense for us to park a little bit of capacity for that because if, if you don’t do that right, then there’s a chance that, you know, people can get burnt out very quickly because if they’re to do like a hundred percent of their work, plus, you know, to help us with support and other stuff, then it becomes a bit of a challenge.
So just planning. And that is really, really
Amir Bormand: helpful. Absolutely. And, and when you men, you know, so I guess if you’re looking at that, you know, trying to hold back, you know, some of that capacity production issues when you’re going through, you know, [00:08:00] your, your agile process, you know, you said every 15 days and you’re looking at delivery.
Knowing that that capacity is there. When you’re talking to stakeholders, you know, you have, you know, 20% less potential output when you’re talking to stakeholders is that, you know, how, how do you help make sure they understand, obviously like, hey, we’re gonna deliver, but it’s not like my team is, can be fully devoted, you know, we have a 20% overhead to kind of deal with some of those production issues.
Cuz obviously you have some limitations, like, is that a conversation with your stakeholders or? Are they, is it kind of transparent to them and it, and it kind of doesn’t factor into any of the you know, the planning for them. Yeah, it’s,
Sunil Mallya: it’s very transparent. So we make sure that, you know, it is a part of the board, right?
So there is Azure, DevOps, whatever. So we. We put that on the board, right? As a tech reserve. And there are planned activities, right, as a part which are identified and put on the board. There are certain stories. What we do is we tag them as stretch, right? [00:09:00] Which basically means that if we have the capacity, then we are going to get to it and do, but let’s say something happens in production and then we need to, you know, react and spend more time.
Troubleshooting and you knowing those issues, then some of the stretch stories will not make it basically to the spread. So it’s very transparent. So at the beginning of the sprint, it is very clear on what are committed you know, items are versus what the stretch items are. So, so, so that is how we make it
Amir Bormand: transparent.
Got it, got it. I guess when it comes to your, like specific, Process. Do you see are, is any of the part of the process kinda adopted to account for being within the healthcare industry, or is it, you know, pretty true to say if it’s Scrum? Are you guys pretty true to most of the, the Scrum tenants?
Sunil Mallya: Yeah, we are mostly true to the Scrum tenants.
We, it’s not, it’s not really specific to
Amir Bormand: healthcare. So I guess in terms of vendor selection, you obviously have some limitations to who [00:10:00] you could pick. Like when you guys are selecting a. And you also have state regulations, you, you mentioned obviously that’s adding a little bit more complexity. How does that variable of making sure a vendor, you know, is, is HIPAA compliant, but also you have the state regulations?
When you guys are evaluating that, is that more on the vendor to make sure then at that point they’re all, you know, you know, figured out the states as well? Or is it actually falls back on you and your team to make sure both those aspects are lined? So the vendor,
Sunil Mallya: vendor parties separate right? From the state regulations.
Right. So the state regulations are maybe, you know, certain laws or regulations that pass by certain states, right? And usually we develop custom software for that. Like, you know, they might say like, you know, the state of Texas might up and say, Hey, we have this new rule, which means that this set of drugs you know, have to be automatically approved.
Or just as an example then, you know, that is custom software on our side, which we would as far as [00:11:00] the vendor selection goes. Right. Vendors would normally mark their, you know, mark, whether they’re software or their services, HIPAA eligible or not. Right? Just to give you an example Twilio right, which is one of the telecommunications.
We just cannot go there and pick any of their, you know, APIs and start developing healthcare solutions on that. They have marked certain specific APIs as being, you know, APIs or services that they provide as being keep eligible. And we have to make sure that it is on us basically to ensure that. We pick and choose only the ones, only those APIs or services which are HIPAA eligible.
And usually what vendors also do is they charge us a premium since they have to provide all of those additional you know, security layers, right? As a part of the to make the services. Hipaa, they normally charge us a thing. And so, for example, could you charge us like a security edition? [00:12:00] They, they have something called a security edition where they charge additional amount on top.
What they would maybe charge a normal customer to ensure, you know, HIPAA eligibility and compliance for us.
Amir Bormand: Well that’s, that, that, that adds to some of your complexity. And I guess when I was just listening to that and I’m thinking through, you know, you mentioned early on third party vendor selection is in a straightforward, you have, you know, a subset you can pick from.
And then obviously I know you mentioned state regulations of vendor selection don’t all overlap cuz some of that might be custom. But when you’re looking at third parties and all of a sudden, you know, you’re looking at the options you have. Does Bill versus buy come into play at some instances where you’re like, Hey, I just, you know, think the, the subset is, you know, not a fit.
Obviously in the Twilio’s case, APIs are, might be common, but how often does Bill versus buy come into play? Because you, you might not have as many vendors to select from. Yeah. So
Sunil Mallya: sometimes [00:13:00] what happens is you know, a vendor might have a really good solution, right? But if it is not HIPAA eligible, that that means that we cannot use it for our development needs.
And then you look at, you know, there could be other solutions, right? Which are provided by, let’s say, other vendors, which may not be as good, but, so sometimes you have to go with like, not the very best solution, right? That is available. From like third parties. The other option obviously, like you said, is to build it, right?
So those are tough choices, right? And usually what we have seen is like some of the top tier vendors, like let’s take Microsoft Video, et cetera. When the first version of the solutions normally come out, they don’t come out where as being he eligible, right? So now say there’s something very cool that has come up.
Normally it is not hip eligible until you know, until it is just a certain level of maturity. And so it becomes a little hard for us to develop, you know, something cool, cutting edge, right? If [00:14:00] it’s not,
Amir Bormand: yeah, I guess, you know, somebody, I mean, I, I don’t have a, a healthcare background, so some of this is interesting to me cuz I’m listening and, and healthcare industry is it’s a massive market.
It’s, it’s, it’s ginormous. I, I don’t know how, how big it is monetarily, but it is in enormous. And I’m, and I’m thinking, you know, you’re here building solutions. That are integral, they’re important. And then you’re telling me sometimes you have to trade off because you know, you don’t get to select from the best vendors or products aren’t mature enough until they get to certain points.
Interesting. Cuz I. I’m kind of dumbfounded cuz I’d imagine in this industry, in the health industry, we would want to apply the best, the latest to make sure, you know, data, all this stuff is leveraged, but you’re telling me it’s exact opposite. And again, I, I don’t come from this industry. You do. So I’m kind of just dumbstruck.
Yeah. It’s surprising. Right. So, It’s easy for you. You’re, you’re like, ah, yeah, that’s just a normal that’s my normal [00:15:00] Monday planning session for me. I’m like, geez, like, okay. Well that’s, that’s interesting. I, I guess like when you’re, when you’re from the outside, you know, coming in, like, you know, when somebody joins your team and, you know, they’re used to going, Hey, I’m gonna research.
I need to solve this problem. They, they’re like, oh, that was all these vendors. And then you’ll say, Hey, time out. You know, sun’s come around now with the bad news that you can’t pick half of those vendors cuz they’re not, you know, HIPAA eligible. How do you ramp somebody up to start kind of adjusting to that?
Yeah.
Sunil Mallya: So that’s an interesting question. So, Yeah, usually what one of the key things that we do while recruiting is try to see if that person has a healthcare background, right? So, so that way, you know, they, they come, come with this idea and they have this knowledge of, you know, what they can take.
Cause not they cannot, but otherwise it becomes a challenge. Right? And then, you know, there’s usually training that we provide, right? When somebody’s on somebody’s onboarded and. You know, kind of help them think through the first couple of you know, [00:16:00] selections and designs, right? So, and then once that is done, they kind of understand the complexities and and what to look for, right.
In a vendor. And then, then it becomes easier. So yeah, initial, initial ramp up is a little hard. But then once you’re spent like, let’s say six months to a year, like learning how this thing works and operates, and then you
Amir Bormand: become a. You become a pro. I like that. I like that you, you’ve been doing this a while, sir.
For you. I, I, it’s, it’s secondhand and, and I guess when you’re kind of looking at, you know, your team and delivery and, and knowing that you have to deal with some of these, you, you know, issues like you’re not as, you know, free to, to make decisions and, and move at a certain pace when you guys are looking at potential solutions and you’re, and you’re starting to do the initial.
You know, planning for those type of new concepts or ideas, do you leave the extra time to make sure that you’re counting for potential running into dead ends or not finding the [00:17:00] right solution? I mean, I know at this point you’ve, you’ve been doing this long enough that you probably can’t anticipate, but generally speaking you know, you mentioned the production issue side, you leave 20% capacity, but when you guys are trying to solve, you know, something that you haven’t come across, how, how does that.
Yeah,
Sunil Mallya: so usually we plan ahead, right? I think any of these solutions are well designed right and documented even before we enter the execution phase. So the chances of us running into a dead end, I’m not, not saying that that doesn’t happen, but the chances of us running into dead ends during during the execution of the sprint is it, it’s pretty.
So I think a key thing to do to avoid running into is to plan ahead, right? And design, design very well. Design, make, make sure your architecture and design is, you know, running at least a sprint ahead. Better if it turns two sprints ahead, but at least a sprint ahead. Make sure that everybody’s on board with the design, understands, you know, what we are building, like understands the edges of [00:18:00] the requirements.
So that that would, you know, that is how we make sure that, you know, we don’t run into that
Amir Bormand: execution. That makes sense. I mean, it seems like, it seems like once you’re, once you’re within the space and, and, and you understand some of the ramifications, it’s, you know, it’s, it’s all hat. It’s pretty much the same as any other team you’re running.
So I guess, I know you’ve been doing this for a while. Obviously oncology is a subset of healthcare. Even more niche transitioning into the industry. You know, if, if you’re from the outside looking in is there anything you could do to, to get yourself prepared? Is there, or is it pretty much, you know, on the job training.
Yeah, so I’m
Sunil Mallya: pretty sure like, I wish I knew the answer right when I first joined healthcare. Cause I didn’t know, I was like, for the first six months I was kind of lost. I didn’t know, like, you know, what folks are talking, talking about qi and like all of these applications that, so it was kind of hard, you know, to ramp up.
But, but I think what I could have done better was probably read up a little bit right on [00:19:00] what, what was the business, right? What is the business model? That the company is operating in when they talk about treatment, right? What does that mean? Right? Maybe just Google it out, right? Understand what, how cancer treatment is normally performed, right?
What is, what is chemotherapy? What is radiation? Like? Who understand like what are the supportive care drugs, right? And then understand what is para prioritization, like, what are the stuff that we need to do to be compliant on the, you know, prioritization business. In a compliant manner. Right? So look at all of those things.
I think those are certain things which are easily available, which are, which are a Google search array, basically, right? So in the, I think search search on Google, right? And understand the domain that you want to work in, right? I think that’s true, not just for healthcare, probably for any domain, right?
So just to gain some knowledge and I think that that will help. Industries. Absolutely.
Amir Bormand: Absolutely. I guess, yeah, no, I, I, I mean, it seems like a super, I mean, you guys are obviously, [00:20:00] you know, doing a subset of, of, of the, you know, healthcare industry, oncology even, you know, more specific, even more details, obviously getting some exposures.
Interesting. Some of the complexities you mentioned. Definitely could imagine it’d be a challenge ramping up. But it, you know, also, it’s one of those where, you know, you’re helping, you know, towards a, towards a bigger cause bringing solutions. So I think it’s, it’s, it’s, it’s amazing and I appreciate you spending some time kind of going through some of those you know, challenges and, and managing teams and delivery within the healthcare space, or are specifically on.
So I guess, you know, before I let you go, two questions. One is if you had a question or topic you’d like a future, you know, technology leader to, to answer, is there something specific you, you’d like to hear about? Yeah.
Sunil Mallya: So it would be really, really interesting to see how you know folks to C I C D in their organization, right?
And what does that entail? Right? That, that looked really interesting to. [00:21:00]
Amir Bormand: Absolutely. Yeah, that’s, I I think I, I, I need to actually do one covering c i CD a little bit more. So I think that’s a, that’s a good topic. And secondly, if somebody wants to touch base with you what’s a good way of getting hold of you as LinkedIn email?
What’s your preferred way? LinkedIn should be good. Yeah. LinkedIn. Okay. We’ll make sure we include in the show notes so that somebody can get in touch with you. But Sunil, thanks for being gone. Thanks for sharing. Yeah, thank
Sunil Mallya: you so much. Am thanks
Amir Bormand: for having me. Absolut. That’s it for this episode. We’ve backed the end if we guest different topic until then.
Two things. One, you know, I, I actually need to do more episodes around C I C D and how different approaches are handled in, in different companies and kind of different maturity stages. So love to have. People on that would like to share. I think that’d be great. And then also if you found the podcast useful, if you’ve been listening share with somebody else review on the podcast app, your choice would be fantastic.
The podcast has been growing through that means, and I appreciate everyone who does that. Until next time, thank you and goodbye.[00:22:00]