Safend Endpoint Security

Site Map | Contact Us | Partner's Portal Login

Customers Testimonials

Government Agencies

Case Studies

Design Partner Program

Case Study: Baptist Memorial Hospital

Maintaining Data Security and HIPAA Compliance

The Challenge:
In 2005, Baptist Memorial Health Care Corporation, a major healthcare provider in Memphis, Tenn., began a proactive push to protect their network PCs from data leakage. Baptist needed a policy for securely storing information that was also HIPAA compliant.

Objectives:

Establish company-wide data storage policies
Increase visibility of network connections
Eliminate the use of unauthorized USB devices

The Process:
Baptist Memorial Health Care Corporation is a $1 billion company which maintains 20 hospitals and other healthcare facilities. Data storage for their network PCs was an issue largely being handled on an individual basis through the utilization of removable media such as CDs and zip drives.
Given its size and remote access concerns, Baptist needed an across-the-board solution that would allow for secure storage, device visibility, and flexible restriction of USB connections that would also meet HIPAA mandates.

Safend provided a free download of Safend Auditor which allowed Baptist’s IT department to see what devices were currently connected at each network endpoint. They were also able to determine which devices had been previously connected.

“We have 6000 end-user computers to secure,” said Lenny Goodman, IT director for desktop management at Baptist Memorial Health Care. “With HIPAA compliance necessitating data accountability, Safend’s ease-of-use, audit capabilities, and integration with Active Directory simplifies requirements.”

After spotlighting vulnerabilities, Baptist decided to deploy Safend Protector, a software solution that controls data access from physical ports of all enterprise endpoints, such as USB, FireWire, WiFi, Bluetooth, Infrared (IrDA), and CD/DVDs. Operating at the kernel level, IT managers were able to set granular policies regarding peripheral device connectivity.

As Safend Protector includes a comprehensive list of available communications and storage devices, Baptist was able to confidently blacklist unauthorized devices and assign access only to encrypted drives that would ensure HIPAA-compliant data storage.

Benefits:

Safend’s technological partnership with drive manufacturer eased search for compliant data storage product
IT staff able to audit environment for all attached devices and turn off any that are not approved
Corporate policies updated to reflect advances in removable media and communications technology
Deployment of solution took minimal time and resources due to compatibility with Active Directory and negligible use of CPU resources
Provided a corporate standard device for approved data transport purposes.