// Why CTRL — differentiators + honest social proof (no fake avatars/counts). const Comparison = () => { const mono = { fontFamily: "'JetBrains Mono', ui-monospace, monospace" }; const rows = [ ['Per-seat pricing', false, true, 'Flat rate, unlimited users'], ['Months to deploy', false, true, '30–60 days, guided'], ['AI assistance', false, true, 'Embedded in every module'], ['HIPAA-only focus', true, false, 'Built for § 164, not SOC 2'], ['Rural / CAH pricing', true, false, '15% off for qualifying orgs'], ]; return (
LEGACY GRC
CTRL
{rows.map((r, i) => (
{r[0]}
{r[1] ? '✓' : '—'}
{r[2] && } {r[3]}
))}
); }; const WhyCTRL = () => { const mono = { fontFamily: "'JetBrains Mono', ui-monospace, monospace" }; const { SectionLabel, SectionH, SectionSub } = window; return (
Built by compliance folks who got tired of the status quo. Legacy GRC platforms treat HIPAA as a checkbox in a SOC-2 suite. We treat it as the core program — with pricing and workflows that actually fit smaller healthcare orgs.
{[ { n: '01', h: 'HIPAA-native, not HIPAA-adjacent', p: 'Every module maps to 45 CFR, OCR Phase 2 protocol, and NIST CSF 2.0. No translating from generic controls.' }, { n: '02', h: 'AI with receipts', p: 'CTRL Assist cites regulations and internal workspace data. If a citation isn\'t there, neither is the answer.' }, { n: '03', h: 'Priced for the mid-market', p: 'Flat tiers based on organization size, not seats. Rural and CAH discounts. No enterprise-pricing games.' }, ].map(x => (
{x.n}
{x.h}
{x.p}
))}
{/* Honest founder quote instead of fake avatars */}
"
— FROM OUR FOUNDERS
"We built CTRL because we watched too many rural hospitals and specialty practices write six-figure checks to consultants for the same HIPAA program, over and over. An AI that knows the regs and your program should be the floor, not the ceiling."
Aaron Maloy · Founder, CTRL Security & Compliance
); }; window.WhyCTRL = WhyCTRL;