Data Loss Prevention, Insider Risk

Data Breach Response & Caldicott Compliance

Ensuring compliance with regulatory requirements is a challenge for any company. The healthcare industry faces particular scrutiny ensuring patient information is secure, and confidentiality is not compromised. Similar to the Health Insurance Portability and Accountability Act (HIPPA) in the United States, St. MargaretŐs Somerset Hospice must conform to Caldicott principles, a set of guidelines established in England and Wales to ensure National Health Service (NHS) patient information remains secure and confidential.

A data breach and the risk to Caldicott Principles compliance cried out for monitoring software at St. Margaret’s Somerset Hospice. Their data breach response secured their data but also allowed for comprehensive monitoring of confidential information to remain Caldicott Principle compliant. “

In the wake of a disconcerting data breach, implementing computer activity monitoring software became a top priority of St. Margaret’s management.

The first program we tried was based on Windows auditing, and it was a dismal failure, said Middleton. Then we noticed Veriato Cerebral. We worked with Veriato in the UK, setting up a demo, which looked good. We followed that with a trial to ensure Veriato met our needs in action, and it did.

Since purchasing Veriato, St. Margaret’s Somerset Hospice also revealed instances of intellectual property theft. One employee transferred data to removable media and took it when they left their job. The data was completely gone. They actually took the ONLY copy of a document in existence … on a USB stick, said Middleton. Using Veriato, we were able to demonstrate it was on removable media. And because we were able to show this, we were able to have it addressed by our legal department.

From the beginning, that’s what we were looking for, to be able to see and track actions taken on a specific document, said Middleton. “Using Search to create an audit trail, to see who might have accessed a specific document, which was the initial request we could not comply with … until we implemented Veriato Cerebral.

Veriato has definitely been worth the purchase and the effort. When you compare it to the price of other software necessary to get a computer up and running in a business environment, it’s priced right. Veriato is part of the overall picture, an essential part of our network.

Insider Risk – How Prepared Are You?

Insider Risk – How Prepared Are You?

Not every company is equally prepared to deal with insider risk. This report outlines the four stages of insider risk maturity and explores how to improve your insider risk preparedness.

Employee Monitoring Resources

University – Monitoring Staff and Students

University – Monitoring Staff and Students

The head of HR at a large state university had a huge administrative staff that consisted of full time workers, hourly workers and student employees. The staff used university computers to do their jobs, and managers were having trouble knowing if they were focused on...

Law – HR Manager Monitoring Staff

Law – HR Manager Monitoring Staff

A manager approached the head of HR at a mid-sized law firm with several offices in and around New York with a problem. She had a suspicion that some of their administrative staff was taking advantage of working from home. After she saw one secretary share photos...