SmithRx Named to Modern Healthcare's Best Places to Work in Healthcare in 2025 List
Founded in 2018, SmithRx has intentionally built a mission-driven and collaborative culture that drives employees to do their best work for clients and each other. Each SmithRx team member strongly believes in the company's mission of transforming U.S. healthcare and its transparent, universal pass-through model, which helps significantly lower pharmacy costs for employer clients. Paired with its innovative savings programs, SmithRx's approach to pharmacy benefits drives cost reduction for clients by an average of 30% or more.
'The people behind SmithRx have always been our secret sauce, with their contributions supporting our efforts to pioneer a smarter, fairer healthcare system in this country,' said Jake Frenz, Founder and CEO of SmithRx. 'It is our highest priority to empower our employees as they grow their careers, collaborate on complex problems, and find satisfaction in the work. We're so pleased that our team feels supported at SmithRx.'
SmithRx has experienced extensive growth since its inception. The company brought its total customer base to over 4,000 clients in 2024, and achieved more than $200M in savings for clients with minimal member disruption. This momentum has required an expanded team as well; SmithRx has grown its headcount by 450% over the past three years.
Modern Healthcare's Best Places to Work in Healthcare awards program identifies and recognizes outstanding employers in the healthcare industry nationwide. Modern Healthcare partners with Workforce Research Group on the assessment process, which includes an extensive employee survey. The complete list of this year's winners, in alphabetical order, is available at modernhealthcare.com /bestplaceslist.
'Being recognized as a 2025 Best Place to Work in Healthcare is a powerful testament to how these organizations value their people,' said Dan Peres, President of Modern Healthcare. 'In a time of constant change and challenge, this year's winners have shown a deep commitment to creating environments where employees feel supported, heard, and inspired to do their best work. That kind of culture doesn't happen by accident — it's intentional, and it's worth celebrating.'
About SmithRx
SmithRx is a modern PBM dedicated to reducing the cost and complexity of pharmacy benefits. The company empowers organizations of all sizes to take control of their pharmacy spend with a radically transparent, universal pass-through model, innovative cost-saving programs, and intuitive technology. Unlike legacy PBMs, SmithRx eliminates hidden fees, passes through 100% of rebates and discounts, and provides real-time prescription pricing and detailed savings reports. This gives clients the insights they need to make informed decisions and achieve meaningful savings for both their business and their employees. Experience the difference transparency, trust, and fairness can make in building a more equitable healthcare system. Learn more at www.smithrx.com.
About Modern Healthcare
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
CBS News
an hour ago
- CBS News
Keller: Should Massachusetts state workers be able to work from home?
The opinions expressed below are Jon Keller's, not those of WBZ, CBS News or Paramount Global. It's a legacy of the pandemic: thousands of Massachusetts state employees working remotely, at least part of the time. But is it preventing businesses and taxpayers from getting what they need from the state? It's time to return to the office, Tim Murray, the Massachusetts's former lieutenant governor who is now CEO of the Worcester Regional Chamber of Commerce, claims in an op-ed for the Worcester Telegram and an interview with WBZ-TV. "It's kind of a head-scratcher, I think, to me and to many others," Murray said, citing complaints about unresponsive state agencies from a health-care company seeking help processing a compliance review, a contractor looking for sign-offs on project permits but unable to get a return phone call or email, and a citizen trying unsuccessfully to communicate with the Department of Children and Families. "Common sense shows me that having people in the offices where they can readily and quickly get in touch with one another, huddle when decisions need to be made, is the way that we can best serve taxpayers," said Murray. The vast majority of American workers are back in the office at least part of the time since the work-from-home boom of the pandemic era. But Massachusetts state employees? Not so much. Both former Governor Charlie Baker and current Governor Maura Healey chose to enshrine remote work in state policy - not contractually but in memoranda of understanding, a decision Murray claims has gummed up the works at a moment when efficient state government is needed most. Meanwhile, Texas Governor Greg Abbott ordered all state employees back to the office in March. But just a few months after that ultimatum, he backed down in the face of backlash from unions and a state study that found remote work had improved service. It was a similar story in California, where Governor Gavin Newsom traded some return-to-the-office demands for union wage concessions. Did Massachusetts give away similar leverage to state-worker unions? "Certainly, that could be argued when so many others, including the teachers, are back to work," said Murray. Not true, said Theresa McGoldrick, of the National Association of Government Employees, a union representing 12,000 state workers. She said more than half her members do at least some remote work, adding, "telework saves money for the Commonwealth." And in a statement to WBZ-TV, a spokesperson for Healey said the administration "values in-person work" and that the majority of state employees do come into the office.
Business Wire
an hour ago
- Business Wire
Bowhead Specialty Management to Present at the 2025 KBW Insurance Conference
NEW YORK--(BUSINESS WIRE)--Bowhead Specialty Holdings Inc. (the 'Company', 'Bowhead Specialty') (NYSE: BOW) announced today that Stephen Sills, Chief Executive Officer, and Brad Mulcahey, Chief Financial Officer, will participate in a fireside chat at the KBW Insurance Conference on September 3, 2025, in New York. The fireside chat will begin at approximately 2:50pm ET and will be webcast live. Management will also be available for one-on-one and small group meetings. The event details, webcast and our latest Investor Presentation can be found within the News & Events section of our Investor Relations website at About Bowhead Specialty Holdings Inc. Bowhead Specialty is a growing specialty insurance business providing casualty, professional liability and healthcare liability insurance products. We were founded and are led by industry veteran Stephen Sills. The team is composed of highly experienced and respected industry veterans with decades of individual, successful underwriting and management experience. We focus on providing 'craft' solutions in our specialty lines and classes of business that we believe require deep underwriting and claims expertise in order to produce attractive financial results. We pride ourselves on the quality and experience of our people, who are committed to exceeding our partners' expectations through excellent service and expertise. Our collaborative culture spans all functions of our business and allows us to provide a consistent, positive experience for all of our partners.
Business Wire
an hour ago
- Business Wire
Small Medical Practices Are Sitting Ducks for Healthcare Cybercrime
SAN FRANCISCO--(BUSINESS WIRE)--Over 90% of U.S. healthcare providers operate as small organizations, yet a new Paubox report titled "What small healthcare practices get wrong about HIPAA and email security" reveals these practices are unknowingly exposing themselves to cyber attacks and federal compliance violations. 98% of small healthcare organizations falsely believe they're HIPAA compliant Share The study of 214 healthcare IT leaders and practice managers at organizations with fewer than 250 employees found that nearly all small practices (98%) claim their platforms "encrypt emails by default"—but most are using common tools like Microsoft 365 or Google Workspace that often fail to provide actual protection. "Nearly half of healthcare email breaches stem from Microsoft 365 alone," the survey found. The problem is that encryption may drop if a recipient's server doesn't support modern protocols, often without any alert to the sender—leaving protected health information completely exposed. The confidence crisis More than 80% of small practices expressed confidence in their current HIPAA compliance posture, but the reality is far different. The survey found widespread misconceptions that are creating massive compliance gaps: 83% believe patient consent removes the need for encryption—a costly misunderstanding. Federal regulations still require "appropriate safeguards" under the HIPAA Security Rule, even when patients agree to electronic communication. Getting a patient's okay to email doesn't eliminate the legal requirement for encryption and other protective measures. 64% believe patient portals are required for HIPAA compliance—yet the regulations say the opposite. HIPAA explicitly gives patients the right to request communication "by alternative means or at alternative locations, if reasonable." Portals are just one option among many, including secure direct email when proper safeguards are in place. 20% don't utilize any form of email archiving or audit trail—leaving one in five practices unable to investigate incidents after they happen or prove compliance during federal audits. These misconceptions create compliance violations that practices don't even realize exist, with healthcare providers unknowingly breaking federal law while genuinely believing they're following the rules. Cybercriminals target the vulnerable Phishing attacks—the leading cause of healthcare breaches—now account for over 70% of healthcare data breaches as of 2024. Small practices are prime targets because they typically lack dedicated security staff, formal training programs, or technical defenses. The survey found that 43% of small healthcare organizations reported experiencing a phishing or spoofing incident in the past year. Meanwhile, about 50% of these organizations lack anti-phishing controls beyond default spam filters, and nearly 99% have not implemented secure email transfer protocols. "Phishing attacks have evolved—they're faster, smarter, and relentless," noted Paubox CEO, Hoala Greevy. "It's not about one-off scams anymore; it's deception at scale." Beyond the breach When breaches occur, small practices face the same serious consequences as large health systems. Recent examples from the past year include: Solara Medical : $9.76 million class-action settlement following a phishing attack : $9.76 million class-action settlement following a phishing attack Sunrise Community Health : Email compromise affecting 54,000+ patients : Email compromise affecting 54,000+ patients Salud Family Health: Phishing attack exposing 80,000+ records Even smaller penalties come with major operational costs. Agape Health, a North Carolina clinic, paid $25,000 for emailing protected health information unencrypted to the wrong recipient, while Vision Upright MRI faced a $5,000 fine plus two years of federal monitoring after a server breach exposed over 21,000 individuals' medical imaging records. In 2025, healthcare breaches took an average of 224 days to detect and another 84 days to contain—over 10 months total. Without proper audit trails, many small organizations lack the systems to spot breaches until it's too late. Stretched thin and vulnerable The survey found that small healthcare practices are operating under dangerous constraints that create the perfect storm for security failures: One-third report not having enough time for compliance tasks—meaning critical security measures get pushed aside during busy patient care schedules. The same number have no clear policies or procedures in place, leaving staff to make up security protocols on the fly. Only half have phishing or spoofing protection enabled, despite facing the same sophisticated attacks that target major health systems. Meanwhile, the average small healthcare employee has access to more than 5,500 sensitive files—creating massive exposure when those unprotected phishing emails inevitably get through. This combination of time pressure, unclear guidance, and broad data access means a single clicked link can expose thousands of patient records. It's a vulnerability that cybercriminals are increasingly exploiting. What HIPAA investigators look for When HHS investigators arrive after a breach, they look for specific documentation that most small practices can't provide: Proof that protected health information was encrypted in transit—not just that platforms "support" encryption Audit logs showing who sent what to whom and whether it was properly protected Evidence of risk assessments documenting understood vulnerabilities Incident response procedures for when things go wrong "Every organization, no matter the size, is required to comply with the HIPAA Security Rule," emphasized Melanie Fontes Rainer, Director of the HHS Office for Civil Rights. "Risk assessments are not optional—they're foundational." The path forward With federal enforcement ramping up and cybercriminals increasingly targeting small practices, the window for voluntary compliance is closing fast. The practices that are getting ahead of this crisis share a common strategy: they've stopped relying on overworked staff to make perfect security decisions every time. Instead, they're implementing systems that encrypt every message automatically, maintain detailed audit trails without extra effort, and block phishing attacks before employees ever see them. "The cost of compliance is far less than the cost of a breach," the survey noted—and recent settlements prove it. At $25,000 to $9.76 million per incident, even "small" violations can devastate a practice's finances and reputation. For the 90% of healthcare providers operating as small organizations, the math is simple: invest in automated protection now, or face the much higher costs of breach response, federal penalties, and lost patient trust later. The choice is becoming less optional every day. The complete report, "What small healthcare practices get wrong about HIPAA and email security," is available for download at About Paubox Paubox is a leader in HIPAA compliant communication and marketing solutions for healthcare organizations. According to G2 rankings, Paubox leads the industry for Best Secure Email Gateway, Email Security, HIPAA Compliant Messaging Software, and Email Encryption solution, and is the only HIPAA compliant email company listed on G2's 2025 Best Healthcare Software Products. Paubox solutions include Paubox Email Suite, Paubox Marketing, Paubox Email API, Paubox Forms, and Paubox Texting. Launched in 2015, Paubox is trusted by over 7,000 healthcare organizations, including Cost Plus Drugs, Covenant Health, Devry University, and SimonMed Imaging.
