PROOFPOINT SOLUTIONS
FOR HEALTHCARE

Protect employees from email and social-media borne cyberthreats.

Healthcare organizations face unique challenges in protecting employees from email and social-media borne cyberthreats. Hospitals and insurance companies are constantly exchanging healthcare information about patients and services rendered or awaiting approval.

Proofpoint security solutions for health care institutions keeps malware, spam, and targeted attacks such as phishing out of your users’ mailboxes and social media accounts, and ensure that PHI is always protected no matter from where it is accessed.

As evaluated by Gartner, Proofpoint provides the best threat protection available today against external malicious threats. Our security solutions for health care institutions communications channels keep malware, spam, viruses, and targeted attacks such as phishing out of users' mailboxes and social media accounts.

Proofpoint Protection Key Benefits:

Proofpoint MLX Deep Content Analysis
Keep safe with accurate threat classification of phish, spam, malware, and other forms of objectionable or dangerous content.

Targeted Attack Protection
Continue to monitor and protect against URLs embedded in emails, which may “go bad” at any time

Multilayered Virus Protection
Benefit from signature-based, anti-virus, and behavior-based zero-hour protection.

Dynamic Reputation Service
Leverage Global IP and URL reputation.

Granular, Flexible Policy Management
Experience total control and flexibility regarding your email security preferences, policies, enabled services, end user controls, alerts and reporting.

Tools for Response
Have readily available tools on hand, in case you need to react to a direct attack.

Protect your employees against all forms of cyberattacks, including modern targeted attacks such as spear phishing and credential attacks as well as traditional threats such as spam and viruses. Stop advanced threats that are capable of evading even the most sophisticated signature- and reputation-based defenses before they can give attackers and cybercriminals a foothold in your network.

Proofpoint provides the industry’s leading Secure Email Gateway to block known threats–and Proofpoint Targeted Attack Protection™ is designed to identify suspicious email messages containing malicious URLs or malicious email attachments before their payloads can be delivered. Proofpoint provides an integrated defense against advanced email-borne threats that complements your existing Proofpoint cloud-based or on-premise email gateways.

Provide email encryption that’s transparent to your end users, but backed by a strong policy engine that ensures all PHI and other sensitive data is protected before it is sent outside of the organization. Proofpoint Encryption also makes sure that all encrypted messages are branded to your organization’s requirements.

Hospitals and insurance companies are constantly exchanging healthcare information about patients and services rendered or awaiting approval. Similarly, physicians communicate regularly with labs regarding patient tests. Safeguarding those communications with Proofpoint Encryption ensures that ePHI is protected.

Additionally, Increasingly doctors are looking to communicate directly with their healthcare patients for better patient care. Likewise, in a growing collaborative environment, healthcare providers are sharing more information to provide the best care possible—communicating between doctors and also between doctors and hospitals. Securing communications while discussing specific patient care is critical to maintain healthcare regulatory compliance. When those communications contain protected health information, it is critical that the healthcare organization provide easy use of email encryption to ensure compliance with healthcare privacy regulation.

Recipients of Proofpoint encrypted emails follow extremely simple steps to authenticate and access their messages. No pre-registration or exchange of encryption keys is required to use Proofpoint Encryption; ad-hoc email encryption is fully supported.

Ensure sensitive information—from research results to health records—is protected from unauthorized or accidental transmission.

Healthcare privacy compliance regulations such as HIPAA /HITECH regulatory compliance continue to evolve with audits becoming more frequent and fines continuing to increase. Movement towards stricter healthcare privacy compliance regulations is occurring all over the world as well, such as FIPPA privacy regulatory compliance affecting healthcare organizations in Canada.

But Healthcare professionals are extremely busy individuals whose priority is not necessarily to determine what constitutes PHI or encrypting specific messages regarding PHI. Instead, these users would be well served employing a policy-based encryption solution that accurately identifies the messages that should be encrypted.

Proofpoint in-place and outbound Data Loss Prevention and Encryption helps healthcare organizations with compliance requirements by accurately identifying emails containing sensitive information, and blocking or encrypting the messages before they leave the organization.

Proofpoint’s solution can detect sensitive data within a file—even if the file format has been changed. For example, with Proofpoint solutions you can detect a simple paragraph from a Microsoft Word document that had been copied into the body of an email, distributed file, or social media post. Proofpoint can then route the offending communication to IT, HR, or elsewhere appropriately.

Healthcare privacy compliance regulations such as HIPAA /HITECH regulatory compliance continue to evolve with audits becoming more frequent and fines continuing to increase. Movement towards stricter healthcare privacy compliance regulations is occurring all over the world as well, such as FIPPA privacy regulatory compliance affecting healthcare organizations in Canada.

Healthcare compliance regulations are becoming stricter and covering more organizations than ever before. In the United States, not only are healthcare organizations subject to healthcare compliance regulations and restrictions, but also so are their business partners, such as auditing and account firms.

Proofpoint in-place and outbound Data Loss Prevention and Encryption helps healthcare organizations with compliance requirements by accurately identifying emails containing sensitive information, and blocking or encrypting the messages before they leave the organization. Proofpoint also protects that information from viruses and malware, providing the industry’s best threat protection against modern-day, malicious threats.

Healthcare physicians are extremely busy professionals whose priority is not necessarily to determine what constitutes PHI or encrypting specific messages regarding PHI. Instead, physicians would be well served employing a policy-based encryption solution that accurately identifies the messages that should be encrypted.

This solution ensures your healthcare organization is maintaining compliance to healthcare privacy regulations but does not place the burden on physicians.

Proofpoint Encryption is easy-to-use email encryption, backed by a strong policy engine that ensures all sensitive data is protected before it leaves your organization. All encrypted messages are branded to your healthcare organizations compliance requirements.

Recipients of Proofpoint encrypted emails follow extremely simple steps to authenticate and access their messages. No pre-registration or exchange of encryption keys is required to use Proofpoint Encryption; ad-hoc email encryption is fully supported.

Ensure privacy in order to avoid data loss and remain in compliance.

Proofpoint Enterprise Privacy (outbound and in-place Data Loss Prevention and encryption) helps healthcare organizations adhere to healthcare regulatory compliance and privacy regulations by ensuring that email carrying patient healthcare information is always secured—whether that entails blocking the information from leaving a healthcare organization or (in cases where the healthcare information needs to be shared), or encrypting it before it leaves the organization.

Proofpoint Enterprise Privacy can be deployed either on-premise, with physical or completely virtualized appliances, or as a SaaS solution with no change in functionality. Healthcare organizations can maintain their healthcare regulatory compliance to increasingly strict healthcare privacy regulations while reducing costs by moving infrastructure into the cloud.

Proofpoint Enterprise Privacy Key Benefits:

Simplified Regulatory Compliance
Ensure your outbound messages comply with national and state government regulations, as well as industry-specific privacy regulations.

Superior Malicious and Accidental Data Loss Protection
Protect against the loss of sensitive data—whether from a cybercriminal attempting to exfiltrate valuable data from a compromised system, or from an employee accidentally distributing a file to the wrong party through email, webmail, social media, file sharing, or other Internet-based mechanisms for publishing content.

Easy-to-use Secure Communication
Share sensitive data easily without compromising security and privacy, and enable authorized external recipients to decrypt and read the communications from any device.

Ensure that your email systems comply with HIPAA and HITECH healthcare regulatory compliance. Comply with FIPPA healthcare privacy regulatory compliance requirements by automatically detecting and protecting personal information within emails.

Secure your email, distributed file, and social media that contain electronic Protected Health Information (ePHI) automatically with Proofpoint.

Allow sender-based remediation and help prevent healthcare regulatory compliance issues that result inadvertent data loss—the origin of the vast majority of compliance issues.

Smart Send
Proofpoint Smart Send is a feature that gives select administrators the ability to perform sender-based remediation. For example, a hospital administrator may attach a spreadsheet containing information on multiple patients. Smart Send can temporarily stop this message, send a notification back to the sender alerting them of the content within the message, but then also provide direct remediation options within the notification: the ability to block that communication permanently, the ability to release that communication, or to encrypt that message before sending (if email). Smart Send can be enabled for the entire organization or for specific groups.

Make use of our Smart Identifiers
Employ our Smart Identifier technology and dramatically reduce the number of false positives when scanning email, distributed file, and social media for violations. Proofpoint performs a variety of checks depending on the specific Smart Identifier, increasing the accuracy of the detection. For example, Proofpoint's Smart Identifier for credit card numbers performs the Lunh Algorithm check, which validates the checksum. This prevents any random 16-digit number from being flagged as credit card number.

Custom Smart Identifiers can easily be added as well, such as a Smart Identifier to detect medical record numbers.

ABA Routing Numbers and Social Security Number Smart Identifiers are pre-built into the Proofpoint solution.

Proofpoint contains several managed medical dictionaries, such as the International Statistical Classification of Diseases and Health Related Problems, 9th Revision (ICD-9) and the updated Revision 10 (ICD-10). These codes are updated and released by the World Health Organization and subsequently adopted by the US Department of Health and Human Services. As these updates occur, Proofpoint provides them directly to our customer systems. Customers may import dictionaries for use as well.

Proofpoint Enterprise Privacy fully supports the proliferation of various types of mobile devices within the healthcare workplace—and ensures that all emails, whatever their source, are scanned. Recipients of Proofpoint Encryption emails are also treated to a mobile optimized experience. If recipients access their encrypted messages from a mobile device, optimized pages are displayed. No mobile-side, client software is required. This provides all recipients with the best mobile experience, regardless of whether it is a Blackberry, iPhone, Android or Windows Mobile device.

Employ our single-platform, FISMA-compliant archiving solution with features that help healthcare organizations address challenges around email storage management, eDiscovery, and regulatory compliance.

Proofpoint Enterprise Archive Key Benefits:

Industry-leading Security and Privacy
Encrypt all email messages, files and other content with keys you control through our patented DoubleBlindTM technology. This ensures that no one can access a readable form of your data without your authorized access to the encryption keys stored behind your firewall.

Fully SEC Compliant Storage
Get a secure, tamper-proof SEC email compliance storage infrastructure comprised of geographically distributed data centers, which ensures that information is available in the event of service disruption to either location. Proofpoint Enterprise Archive meets all conditions set forth in SEC Rule 17a-4 paragraph f (2) (ii).

Robust Supervisory Review for Compliance
Make use of our robust supervision review features, significantly improving the efficiency of the compliance audit process. Our solution enables greater productivity of compliance staff and improves effectiveness in identifying and routing potential policy violations that require further review or escalation.

Make use of our policy-based controls to capture social content so that it can be managed as any other critical information asset would be. Capture all social conversational content in real-time—even if a user deletes that content. This ensures that you remain compliant with specific financial regulatory obligations.

Proofpoint Social Platform for Archiving Key Benefits:

Channel-specific Modules
Use channel-specific modules that leverage existing APIs to capture content directly from the source.

Flexible Capture
Capture social content (along with associated links or attachments) for all or a subset of users to address specific requirements for specific users who must be monitored and supervised for regulatory compliance. Subsequent posts can also be captured to maintain communication threads.

Location-Aware Capture
Use APIs to capture data from original social media sources allows content to be captured regardless of where users post (e.g., web browser, iPhone, iPad, Blackberry, Android, etc.).

Advanced Compliance Capabilities
Automate and streamline critical compliance tasks. These include mapping to user-specific journaling destinations, conditionally capturing content for users, indicating record followers, and custom email tags.

Policy-based Retention
Securely store all social content in your existing information archive, thereby adhering to your corporate electronic communications retention policy.

Single Pane of Glass with Enterprise Archive
Search, discover, supervise, and report on social content alongside email and IM content.

Support for Existing Archives
Deliver social content to your existing archive, enabling you to leverage existing supervisory tools without complex archive migration. Seamlessly integrate social media content into solutions, including Symantec Enterprise Vault, EMC, Bloomberg Archiver, HP/Autonomy, Smarsh, Global Relay, and others.

Achieve sustainably fast and reliable access to archived messages for improved response to regulatory inquiries and legal discovery.

Proofpoint Enterprise Archive is optimized for speed. Its intuitive design allows legal discovery and compliance teams to conduct self-service searches against email, instant messages, social media, and the contents of more than 400 types of attachments—with results presented in seconds.

Unlike any on-premise system, Proofpoint Enterprise Archive performs consistently and reliably, regardless of how large the data repository or how complex the search.

Also unlike any other company in the industry, Proofpoint is the only one that backs this performance with a Service Level guarantee.