DeKalb Medical Center

Dekalb Medical Center Secures Patient Data With Proofpoint

Dekalb Medical Center saw outbound email presented huge risk DeKalb Medical Center is a not-for-profit hospital system in metro Atlanta, Ga. The medical center has more than 600 beds across three locations. A leader in progressive medical technology delivered by a highly qualified and caring staff, the hospital system serves approximately 500,000 patients annually and offers a variety of community outreach programs.

As a medical center, DeKalb Medical Center is very sensitive about patient privacy. Recently, the organization conducted an audit of its data security and determined that outbound email was a high-risk area for protected health information (PHI) to leave the enterprise. As a first step, the medical center needed to secure its outbound email stream to ensure that PHI was not being sent out unencrypted.

In addition, many of DeKalb Medical Center's nearly 4,000 employees complained about the high volume of spam that they received daily. As a result, DeKalb Medical Center looked for a messaging security solution that would secure both its inbound and outbound email streams.

“We narrowed our selection down to three vendors and evaluated them based on their ease of use and ability to provide inbound and outbound email protection,” said Sharon Finney, information security administrator of DeKalb Medical Center. “Proofpoint had the strongest capabilities for detecting PHI, came with fully managed dictionaries of compliance terms built-in and was extremely easy to use. Not only that, but it also eliminated spam with near perfect accuracy.”

PROOFPOINT SECURES PHI AND ALLOWS FOR MESSAGE ENCRYPTION
DeKalb Medical Center purchased the Proofpoint Messaging Security Gateway™, an appliance that delivers the most complete and effective security for enterprise messaging infrastructures. The Proofpoint Regulatory Compliance™ module enables DeKalb Medical Center to comply with HIPAA regulations by scanning outbound email messages for PHI, such as patient data, drug names and medical procedures. Proofpoint has a comprehensive dictionary with code sets and rules, and keeps these definitions continually up-to-date.

“There are thousands of PHI codes that we need to keep up-to-date, so I was impressed that I don't need to do dictionary maintenance – Proofpoint takes care of that,” said Finney. “With our limited resources, our department does not have time to field a lot of rules. That's why it's so nice to have a solution like Proofpoint that works right out of the box and requires minimal ongoing maintenance.”

DeKalb Medical Center also purchased PGP's email encryption solution through Proofpoint. Together, the Proofpoint appliance and PGP encryption software give DeKalb Medical Center an easy-to-use system that can automatically encrypt sensitive messages based on customizable policies.

If the Proofpoint Regulatory Compliance module detects PHI in an outbound email message, the message is automatically encrypted based on rules and dictionaries. A copy of the message is also sent to a quarantine where a compliance manager can review its content so that DeKalb Medical Center can refine its rules. In addition, all sensitive email that is destined to DeKalb Medical Center's partners is automatically encrypted before it is sent out.

“The transition to Proofpoint has been seamless for our employees. They don't need to do anything differently, yet our patient information is much more secure as a result,” said Finney. “Proofpoint has allowed us to identify more than 1,200 emails each month that need to be encrypted because they include PHI.”

PROOFPOINT ALSO PROTECTS DEKALB MEDICAL CENTER FROM SPAM
In addition to providing outbound email protection, Proofpoint delivers the most powerful anti-spam protection in the industry. Proofpoint MLX™ machine learning technology analyzes more than 200,000 attributes in every email message to accurately distinguish between spam and valid email. On any given day, one-half to two-thirds of DeKalb Medical Center's inbound message volume is spam, and the Proofpoint appliance blocks those messages with near-perfect accuracy.

“The MLX technology makes such a difference, because Proofpoint considers the entire context of a message to identify it as spam, instead of just keywords, which is critical today because of the increasing sophistication of spam,” said Finney. “I walk on water at DeKalb Medical Center because our users are so impressed that they no longer have to deal with unsolicited email and they let me know how satisfied they are.”

Finney says she is pleased all-around with the Proofpoint deployment, not only because of how well the product works on inbound and outbound email, but also because of the support she's received from Proofpoint. “The product does exactly what the sales team said it would do. They were very honest and ethical in the sales process. In addition, I've found that the Proofpoint support staff is excellent – they respond well to all of our needs. When we went out to look for a messaging security product, we wanted something that would work well and reduce our management time, and Proofpoint has done exactly that.”

ABOUT DEKALB MEDICAL CENTER
Serving the community since 1961, DeKalb Medical Center is a not-for-profit hospital system that includes the 481-bed DeKalb Medical Center on North Decatur Road in Decatur, the 76-bed DeKalb Medical Center at Decatur in downtown Decatur and the new 100-bed DeKalb Medical Center at Hillandale in Lithonia. A leader in progressive medical technology delivered by a highly qualified and caring staff, the hospital system serves approximately 500,000 patients annually and offers a variety of community outreach programs.