Customer Stories

Regional Psychiatric Hospital

Situation

A regional nonprofit 100-bed hospital has a well-established reputation for success in treating children and youth experiencing emotional and behavioral challenges. Patients are treated through residential stays and/or are engaged through its community services and day-treatment programs.

The hospital realized its extensive connections to outside physicians, government agencies, independent and adjunct therapy practitioners and multiple services or supplier entities (business associates) presented a huge challenge with information security and ongoing compliance with Federally-mandated HIPAA and Fair Use regulations. The situation called for a solution to protect the information (rather than protect the network, a customary and already necessary step) without limiting good effective patient care and treatment.

CloudVault Health delivers confidence

CloudVault Health engaged with the hospital’s leadership team to deploy its patented technology to first find, then ultimately protect, the hospital’s sensitive data. Here’s the process:

First

CVH worked with the hospital’s in-house technology team to validate the technology on a representative cross section of the organization’s end-users, refining an install approach that assured a seamless, worry-free confirmation of how the product worked and its effectiveness in discovering unprotected sensitive information among the selected end-users. The test identified several thousand records that included both sensitive and regulated information. This provided a picture of how the CVH SaaS solution will work across the larger group of end-users.

Next

As a result of the validation, CVH will apply its technology across the entire hospital – including selected outside resources who send or receive information from the hospital.

Now

The end-game? All of the hospital’s sensitive information will be continuously monitored to ensure it is managed according to the hospital’s data classification policy and HIPAA requirements. Once installation is complete, the sensitive HIPAA-related information will be discovered, cataloged, monitored and protected seamlessly and continuously, thus protecting patient information and the hospital’s well-establish brand credibility.

Technology Services Outsourcing for Healthcare Providers

Situation

A systems management company supports physician groups and similar healthcare-related clinics or organizations. Its technology services capabilities have expanded over the years to include management services areas like ambulatory EHR, document management, patient portals, practice management, Knowledge Base Model (KBM) information management, and health information exchanges.

The company has leveraged its extensive experience and working knowledge of healthcare systems to fuel strong growth, and it now provides services to more than a hundred healthcare client organizations across the U.S. encompassing hundreds of end-point users. OCR HIPAA regulations classify this company as a ‘business associate’, considering the extent to which it has access to and immerses itself across clients’ information technology systems.

The company saw an ongoing need to reliably strengthen compliance with HIPAA requirements. Moreover, the company also recognized the potential for information risks among its clients who express a need for stronger control to ensure HIPAA-qualified PHI records are tracked and protected—the clients look to their trusted technology management provider for guidance on critical technology security challenges.

CloudVault Health delivers confidence

CloudVault Health engaged with the healthcare technology management company to deploy its patented technology to first find, then ultimately protect, the sensitive data, tracking where it is, where it goes, and who has it.

First

CVH worked with the healthcare practice management company to validate the technology on a selected servers where the organization’s end-users access internal and client data. CVH refined and confirmed an install approach that assured a seamless, worry-free confirmation of the product’s effectiveness in discovering unprotected sensitive information.

Next

Full deployment across all relevant servers is expected soon. The end result? The services company will ensure all HIPAA-regulated data is identified and then monitored for movement and duplication across the organization or to outside end-points

Soon

The company -recognizing the strength and uniqueness of CVH technology- will begin recommending the solution to its clients to ensure they remain in compliance with HIPAA regulations.

Healthcare Benefits Enrollment Service

Situation

A company leverages its proprietary technology to provide healthcare benefits enrollment support for large employers and/or specific insurers that offer group benefits plans. The service model requires the specialized company to periodically place its people (sometimes contract resources) on-site at employer locations, where the resource meets individually with employees to collect relevant personal information to formally enroll employees for benefits plans.

Because the enrollment services company has multiple laptops that travel with individual team members assigned to employer locations, a single laptop hard drive would typically store records for thousands of employees, featuring health-related and family information coupled with personalized data such Social Security numbers, resident address and family member names and birthdates.

OCR HIPAA regulations easily classify the enrollment services company as a ‘business associate’, considering the nature of the personally identifiable health-related information they collect and store on portable devices. Thousands of HIPAA-classified PHI records could be at risk physically with remote laptops and through central data storage. The situation called for a solution to protect the information (rather than protect the network, a customary and already necessary step).

CloudVault Health delivers confidence

CloudVault Health engaged with the healthcare benefits enrollment company to deploy its patented technology to first find, then ultimately protect, the hospital’s sensitive data, tracking where it is, where it goes, and who has it.

First

CVH has deployed its technology across selected end-user devices, demonstrating its capability of finding sensitive HIPAA-regulated data.

Next

Full deployment to all the company’s end-users will be complete soon, and data will be monitored and tracked to ensure its protected and that data no longer relevant to immediate is deleted from end-points.

Invoicing & Practice Management Services for Healthcare Providers

Situation

A Midwest-based billing and practice management company has effectively supported healthcare organizations that provide pathology/laboratory, radiology and orthopedics patient services across the U.S. The 20-year-old company has an established reputation for strong reliable performance. The company leverages advanced technology and its extensive experience in practice management and billing, open-architecture communication and outstanding data/reporting. Services include coding; primary review & audit; electronic data management (outbound & inbound); claims & patient-encounter tracking; cash posting; adjustments/write-off management and refunds administration.

OCR HIPAA regulations classify this company as a ‘business associate’, due to the extent to which it accesses and manages its clients’ information technology where patient financial-related information coupled with patient treatment information is stored.

The company saw a need to confirm compliance with HIPAA requirements tied to its services. Moreover, the company also recognizes the potential for information risks among its clients who express a need for stronger control to ensure HIPAA-qualified PHI records are protected—the clients look their trusted technology management provider for guidance on critical technology security challenges.

CloudVault Health delivers confidence

CloudVault Health engaged with the healthcare technology management company to deploy its patented technology to first find, then ultimately protect, the sensitive data, tracking where it is, where it goes, and who has it.

First

CVH worked with the healthcare billing & practice management company to validate the technology on a selected servers where the organization’s end-users access internal and client data. CVH refined and confirmed an install approach that assured a seamless, worry-free confirmation of the product’s effectiveness in discovering unprotected sensitive information.

Next

Full deployment across the relevant servers will be underway soon. The end result? The services company will ensure all HIPAA-regulated data is identified and then monitored for movement and duplication across the organization or to outside end-points.

Soon

The company -recognizing the strength and effectiveness of CVH technology- will begin recommending the solution to its clients to ensure they are in compliance with HIPAA regulations as well.