Case Studies Stillwater Medical Center

Stillwater Medical Center

DataMotion utilizes the DataMotion secure email content filter to automatically protect healthcare communications and increase compliance with HIPAA/HITECH regulations for Stillwater Medical Center.

Email Encryption
Healthcare

Background

The Stillwater Medical Center is a non-profit accute care general hospital in north central Oklahoma and has been selected 3 years in a row as one of Modern Healthcare’s Top 100 Best Places to Work in Healthcare. The 119 bed hospital is a regional health center for the area, providing a full range of services for its patients. Located in Stillwater, Oklahoma, the Medical Center’s systems and information technology staff report to the Chief Information Officer and include 12 systems analysts and 8 technical support analysts. Stillwater uses a Microsoft Exchange on-premise email server managed by their in-house IT group.

 

Challenges

Stillwater Medical had been a long time customer of the DataMotion secure mailbox solution. Prior to switching to the secure mailbox, users and recipients often had to exchange certificates making email encryption difficult and cumbersome or IT staff would create password-protected, self-decrypting executable files for users to send as email attachments. Secure email gave selected employees the ability to choose to encrypt certain email messages containing PHI on an as-needed basis and was very easy to use and IT staff no longer needed to create executable files to enable the secure transmission of PHI.

 

However, with HITECH giving HIPAA regulations more ‘teeth’ (including OCR audits) the hospital wanted to expand their usage to automatically monitor all of their outbound email for PHI. A risk analysis showed that installing a DLP (Data Loss Prevention) system would be a cost-effective solution.

shield-check

Complying with HIPAA/HITECH for PHI

Ensure compliance with the Health Insurance Portability and Accountability Act (HIPAA) and the Health Information Technology for Economic and Clinical Health (HITECH) Act

mag icon

Preventing False Positives

Reduce the risk of false positives (unnecessary encryption)

braces asterisk icon

Overcoming Inefficient Encryption Methods

Automatically monitor all employees’ email communications for PHI (Protected Health Information) and encrypt as needed

share icon

Certificate-Free Exchange

Eliminate the need to exchange certificates

cloud check icon

Simple Implementation

Be simple to implement and administer with no need for recipient software

icon smile

User-Friendly Interface Design

Be intuitive to use for recipients and users

The Solution

DataMotion Secure Email Content Filter

Stillwater decided to expand its use of DataMotion solutions across the organization by implementing Secure Email Content Filter as a DLP system.

In addition to manually encrypting selected messages, our Content Filter automatically identifies emails with PHI and encrypts them. A layer of automated filtering prevents human error from resulting in sensitive data leaks.

Optimized IT Resource Use

Using less resources, Stillwater has the same security standards as larger hospitals.

Automatic Detection

Secure Email Content Filter automatically scans emails for PHI and other sensitive information, encrypting them when needed.
Learn More
Picture doctor smiling
Learn More

Customizable Email Protection

IT staff can customize Content Filter’s coverage with powerful rule sets based on internal policies. Custom rules allow IT to prevent false positives that lead to unnecessary encryptions, like when basic financial information matches patient data.

Automated Feedback

Stillwater decided to expand its use of DataMotion solutions across the organization by implementing Secure Email Content Filter as a DLP system. In addition to manually encrypting selected messages, our Content Filter automatically identifies emails with PHI and encrypts them. A layer of automated filtering prevents human error from resulting in sensitive data leaks.

Expanded Security and Compliance

Secure Contact Solutions

IT staff can customize Content Filter’s coverage with powerful rule sets based
on internal policies. Custom rules allow IT to prevent false positives that lead to unnecessary encryptions, like when basic financial information matches
patient data.

No Unnecessary Encryption 

Stillwater now communicates more efficiently by encrypting only selected data.

More Employee Confidence

Employees are now much more confident that sensitive emails are protected.
Learn More
a women looking at a computer
Learn More
How We Improve Stillwater Medical Center’s Efficiency

Stillwater’s Journey to Security and Compliance

Challenges

Stillwater Medical Center faced several challenges related to HIPAA/HITECH compliance, false positives, and workflow efficiency when exchanging data containing PHI and other sensitive information. Our secure mailbox solution streamlined encryption, but Stillwater was still at risk of non-compliance.

Assessment

Our risk assessment determined that, in addition to manually encrypting emails, Stillwater staff needed a layer of automatic scanning and filtering to make exchanging sensitive information easier and prevent human error from risking further non-compliance. A Data Loss Prevention (DLP) system would help fortify security and ensure compliance.

Planning

Stillwater decided to implement DataMotion’s Secure Email Content Filter as a DLP system to address their compliance and security needs. Content Filter automatically identifies and encrypts emails containing sensitive information, reducing the risk of sensitive data leaks.
The hospital also decided to use our Secure Contact Us feature to facilitate secure communication with external organizations.

Implementation

Integration into Stillwater’s existing email system was seamless, smoothing the transition and helping the staff quickly adopt a more agile, automated workflow.

Results

Stillwater enjoys the encryption and compliance standards of larger hospitals using a fraction of the resources. Customizable rule sets allow IT to prevent false positives (unnecessary encryption), automated feedback expands security awareness, and Secure Contact Us extends Stillwater’s secure email environment to external organizations and individuals.

Results

  • Greatly reduced PHI exposure from email communications
  • Increased compliance with HIPAA/HITECH regulations
  • Reduced false positives, increasing user confidence and satisfaction
  • Security enforcement is now measurable.
  • Significantly reduced IT resources needed for outbound email security administration
Data graphics and buildings
Download Case Study PDF

“We have engaged DataMotion at my company for data transfers. The platform's file transfer solution enables us to securely transfer files between different sites, ensuring that sensitive information is not compromised during the transfer process. It also offers us a robust and secure messaging solutions that allow team members and clients to collaborate in a secure manner.”

Empty Headshot
Sarah Williams
Software Engineer Information Technology & Services

This Use Case might also interest you

Financial Service
Secure Message Center

Wealth Management Firm

DataMotion utilizes the secure message center APIs and Platform as a Service (PaaS) to integrate seamlessly into the financial services (finserv) company’s existing Customer Experience (CX) Platform to secure exchanges and meet compliance regulations.

Secure Your Confidential Data. Ensure Compliance.

Contact us to learn more about how our solutions can help your organization achieve its data security and compliance goals.