A US Hospital Ensures Data Security and HIPAA Compliance with Ekran System

About

Pending issue

Monitor users’ access to PHI, hospital software, and corporate servers.

The customer

A US-based hospital

Customer’s requests

• Ensure that staff handles patients’ data securely
• Prevent the loss of patients’ sensitive data
• Collect evidence in case of an incident
• Secure data stored on corporate servers

The challenge

Our customer is a general hospital that needed to establish robust security for patient data in order to meet HIPAA requirements.

It was essential for our customer to monitor how employees handle protected health information (PHI) and work with core hospital applications. They also wanted to keep an eye on privileged users to eliminate the risk of their stealing data, changing cybersecurity settings, or compromising corporate networks.

Another challenge for our customer was to make sure they could retrieve incident-related data in case of a security incident. They required this data to provide relevant reports and evidence according to HIPAA requirements.

And since our customer stores their most sensitive data on servers, they also needed to monitor the actions of users when accessing those servers.

After exploring several user activity monitoring and compliance solutions, our customer tried Ekran System. They appreciated its user-friendly interface, advanced features, and variety of deployment options, so they decided to adopt it.

The result

After deploying Ekran System, our customer successfully achieved HIPAA compliance thanks to PHI data protection and employee monitoring. In particular, they achieved:

Additionally, our customer enhanced their data security by leveraging Ekran System’s USB device management functionality. Now, they can monitor and control all connected devices and set rules for blocking the connection of prohibited device types.