Companies that generate a lot of healthcare data have to balance end user adoption and strict guidelines to meet security and compliance mandates. Take Australia-based Medibank, for example. The company is the region's largest provider of telehealth solutions with a team of over 600 clinicians who provide more than 2.5 million healthcare interactions per year, over the telephone, online, and face-to-face.
Transferring Sensitive Healthcare Data via Email
Each day Medibank's employees transfer up to 15 GB of confidential healthcare data between Medibank sites and their 15 business partners. Even with all that data moving around within a highly regulated industry, Medibank had no dedicated file transfer solution in place. Instead, their employees simply used Microsoft Outlook to transfer patient data.
"As a health organization handling large volumes of sensitive data, using email to do so exposed us to unnecessary risk." – Jason Atkinson, IT Claims and Product Team, Medibank
Jason went on to note that Medibank needed to improve its security controls and auditing capabilities to comply with the Australian National Safety and Quality Health Service Standards and the Privacy Act 1988. The privacy act is quite similar to HIPAA in the United States.
And not only did the company need to adhere to regulation, but it needed to steer far away from a potential data breach in order to maintain its strong position of trust established with its customers, partners and the Australian healthcare industry as a whole.
Trading E-Mail for Secure, Managed File Transfer
The IT team at Medibank and other stakeholders didn't need any prodding to know that they needed something a lot more secure than e-mail to transfer files full of healthcare data. The company's IT team also has to manage dozens of different information systems and had to standardize on one file transfer solution for data exchange.
Medibank IT started to search for a single, secure, managed file transfer solution. They ultimately chose Ipswitch MOVEit Transfer that tracks the movement and status of each and every file. The IT team was finally able to get detailed visibility into all data interactions, including files, events, people, policies, and processes.
MOVEit Transfer also helps Jason and the team manage how sensitive information is moved between partners, customers, users, and systems. MOVEit secures data throughout the file transfer lifecycle by encrypting data in transit using SFTP, FTPS and HTTPS. It also supports SSH, TLS and SSL encryption protocols, and protects data at rest using AES-256 encryption.
Security Doesn't Have to be Inconvenient or Expensive
Securing healthcare data was just one important criteria. Another critical requirement for the IT team was to have a product in place that didn't require a lot of handholding by being easy for employees to learn how to use. Medibank's IT team needed all the help it could get to free up time so valuable resources could be better used, and its information exchange partners would be less burdened.
With desktop clients in place, employees send large files securely through a web browser. This reduces the chances of users exposing sensitive data by circumventing IT with file sharing solutions like Dropbox.
"Our people use MOVEit because they understand its importance and have found it very easy to adopt and integrate into their everyday processes." – Jason Atkinson, Medibank
MOVEit Transfer also collects and reports file transfer logs, providing the IT team with the transparency required by Australian healthcare regulations.
Security doesn't have to be expensive, either. Jason estimates that IT will achieve substantial time savings using MOVEit that will translate into over $30,000 each year, a figure that will increase as the number of file transfers grow.
Download a free 30-day trial and see how MOVEit Transfer will help secure your sensitive data and meet compliance mandates.