One of our customers, a large healthcare system, had some patient information that was regulated by HIPAA make its way onto their Web site. To ensure it didn’t happen again, they enforced data protection with BitArmor DataControl.

Doctors at our customer’s hospitals don’t just treat patients, they also teach at universities and at seminars, both domestic and international. Clinical patient information is a critical portion of many presentations, so it has to move outside of their firewall. With so much data moving around so much, it’s not surprising that eventually something ends up where it shouldn’t.

One academic presentation included some x-rays marked with patients’ social security numbers. It was initially posted to a password protected Web site and deleted. But it wasn’t deleted off of a backup Web server, from which it was eventually served to a page that wasn’t protected.

The solution? The healthcare system turned to BitArmor to make sure documents were persistently protected with the appropriate access control rights embedded in the documents themselves. They were able to assign ACLs and expiration dates to certain types of files and documents on particular servers, then systematically destroy that data after it expired. That also meant that they reduced their risk of exposing patient information because they had fewer documents to keep track of. In addition, even if data did leak, since the document was protected, the organization's risk was reduced.

Find out more about how BitArmor specifically addessesthe various regulatory aspects of HIPAA compliance, download our HIPAA whitepaper.