Blog

Tag: Children’s Medical Clinics

You Really Can Keep the Bad Guys from Stealing Your DataOver the last few years, we have all heard of companies in all industries lose their sensitive internal data, whether stolen or leaked to the outside world. These incidents included theft and sale of customer account details to external parties, printing and copying of sensitive data, loss or theft of laptops, USB sticks, disks and mobile devices, to name just a few. A common thread in a vast majority of these incidents involved internal users, trusted third parties and consultants.

Protecting a company’s most valuable assets is of paramount importance, yet a majority still fail to recognize the impact a mistake or malicious act by an insider can have on their businesses. They fail to adequately put measures in place to reduce or eliminate their risk from authorized users.

Here are a handful of recent cases:

 

Today organizations have a significant budget to implement IT security, they implement security policies and educate their authorized users.  Most are significantly invested in technologies like VPNs, firewalls, virus protection, end-point encryption, data at rest encryption, data in motion encryption, data loss prevention (DLP) and monitoring technologies. With all this investment, why are these types of breaches still taking place?

And, why are the customers and patients left with the burden of dealing with their compromised personal information when breached entities get a slap on the wrist, and offer those that are affected a big “pacifier” in the form of identity theft protection for a year or two?  Everyone is overlooking the fact that once the confidential data gets out, it is out there indefinitely, unless you have some means to dynamically render this data useless.

While these technologies are necessary, they expose unprotected data to unauthorized people.  Most companies are driven by “compliance” and compliance does not equate to security. True security requires you to protect sensitive data and files when you create them, and to apply persistent usage policies that travel with the files throughout their life, regardless of location. That guarantees you are in control at all times of the lifeblood of your business.


Massive PHI Breach at Children’s Medical Clinics of East Texas

Children's Medical Clinics HIPAA violationAn employee of the Children’s Medical Clinics with a retaliatory agenda to cause damage to the clinic’s reputation, stole and improperly disclosed the confidential data of 16,000 patients. Notification letters were sent to affected people to inform them that an employee took paper records from the facility and sent screenshots of electronic patient records to a former clinic employee. The Office for Civil Rights (OCR) health data breach portal indicates patient names, dates of birth, diagnostic information and treatment information were disclosed.


Challenge

Your employees access sensitive and confidential patient information daily so they can do their jobs. Without persistent data-centric security, they can devise creative ways to defeat traditional perimeter based security measures. They can change the name of a sensitive file before printing it to avoid detection by security systems or make screen captures of sensitive information. If you are in healthcare, you need to protect printed PHI and other sensitive information from easily leaving your premises.  This is a HIPAA violation and can result in massive fines and legal action.


Fasoo Solution

Advantages

Fasoo can block printing or require approval prior to printing a document if the document contains sensitive information. Each printout can be forced to contain a visible watermark showing who printed it, including company logo, user name, IP address, time, date and other identifying information. This allows you to know the source of a potential data breach and deters people from inappropriate behavior when handling sensitive patient information. This solution works with any physical or virtual printer eliminating problems of using different printers or printer drivers. A full audit trail of all print activities, including the text or image of the actual printed content, ensures complete control of your printing environment. In addition, Fasoo can prevent screen captures. These features reduce risk of exposing patient information.
  • Restrict printing documents with PHI or other sensitive information
  • Require authentication prior to retrieving a printout
  • Apply dynamic watermarks to printouts without user intervention
  • Trace and manage printing activities, including the actual content of documents in text or image format
  • Limit printing to virtual printers
  • Control who can View, Edit, Print and take a Screen Capture
Categories
fasoo_logo
Contact Us
Your data security journey starts from here!
See how Fasoo can help your data privacy and security.