In this latest blog post we are going to show you how to best set up Nightfall to discover and protect HIPAA data stored across your organization, maintaining patient privacy and helping avoid regulator fines.
How does the HIPPA protection with Nightfall work?
Nightfall is a cloud-native data loss prevention platform that integrates with cloud services like Slack, Confluence, Salesforce, Google Drive, and more in order to discover, classify, and protect sensitive data. Nightfall is setup in three easy steps that you can complete in under 3 minutes:
How can healthcare teams use Nightfall
Today, Nightfall helps both high-growth healthcare startups and established healthcare organizations maintain HIPAA compliance across their SaaS applications. Some ways that healthcare companies use Nightfall include:
- Preventing unauthorized PHI disclosures within collaborative tools. Applications like Slack strongly encourage users to deploy tools like data loss prevention that allow organizations to have visibility into what’s being shared in their instance. Nightfall is a trusted Slack partner with many of Slack’s healthcare customers, relying on us to monitor for inappropriate sharing or disclosure of PHI.
- Limiting PHI to minimum necessary. Within applications that are authorized to store PHI, like Salesforce, customers need to know that they’re only storing nothing more than the minimum necessary to conduct business operations.
- Encrypting PHI over email. Through our partnership with Virtru, healthcare companies can leverage an email encryption solution that intelligently detects the contents of an outbound message and applies encryption whenever a message contains relevant PHI.
Use the HIPAA Compliance Templates below to select the appropriate Nightfall detectors and confidence level to ensure HIPAA compliance.
HIPAA compliance templates for Nightfall DLP
For most standard scenarios, we recommend the following Detection Rule template for HIPAA use cases.
About Nightfall's PHI detector
Nightfall's HIPAA compliance capabilities are enabled through our PHI detector which is built from the ground up to identify PHI as defined by HIPAA. Using context analysis, the PHI detector only sends alerts when it discovers HIPAA-defined PII like names and addresses in the same context as ICD 9/10 codes, drug names & codes, and more.
For HIPAA-bound entities leveraging cloud platforms, this is the most efficient way to monitor, manage, and scale HIPAA compliance in your cloud apps. Learn more through our blog post or through our datasheet.