Egress Software Technologies, the leading provider of email and file encryption services to private and public sector organisations, announced today that Hospital Corporation of America (HCA), the world’s largest private healthcare operator, has selected Egress to secure and control sensitive information shared externally with doctors and other third parties in the UK.
The Challenge
Operating across 162 hospitals globally and employing over 200,000 staff worldwide, HCA annually treats more than 400,000 patients in the UK alone. With employees spread across multiple locations, HCA recognised the importance of securing the highly sensitive patient information that is shared externally. Despite having already deployed an encryption solution across the business, it soon became apparent to end-users and HCA IT staff that their healthcare professionals required more sophisticated functionality that integrated seamlessly into their day-to-day workflow.
Working between different clinics and hospitals, as well as on both private and NHS ventures, staff required a security solution that allowed them to encrypt highly sensitive information without adding complexity to existing business processes. “We were struggling in terms of ease of use, which was not only beginning to impact our support services but was also placing sensitive data at risk,” explains HCA Head of Information Governance & Security Meena Martin. “We already had an information security system, but people weren’t using it because it was regarded as being too complex and therefore it was often bypassed when data needed to be shared urgently.”
“Without Egress, we would have had to buy at least five different systems to meet our information sharing requirements – so it has provided a huge cost saving to us as an organisation.”
Meena Martin, Head of Information Governance & Security, HCA Healthcare
The Solution
HCA consequently approached Egress for a solution that would not only be secure, but also simple for busy medical staff to use. Working in close partnership, Egress and HCA utilised Egress’ fully configurable Intelligent Email Security platform to tailor a solution that enabled doctors to access encrypted information using their General Medical Council (GMC) reference numbers. “Having engaged directly with the user community, it was clear that additional usernames and passwords were not only creating barriers to adoption but also impacting our service desk,” Martin continues. “Instead, we wanted to integrate authentication with our database of active medical personnel so that the system would link the correspondence addresses to individual GMC numbers when sharing information electronically. This way, we no longer have the problem of people forgetting their credentials but are still confident that our information is protected throughout its lifecycle. To access the encrypted data, all the doctor needs to do is enter their GMC number – which is easy for them to remember.”
As a result, Egress has changed the way HCA shares medical information by tailoring the service to integrate seamlessly with existing infrastructure, as Martin explains: “Without Egress, we would have had to buy at least five different systems to meet our information sharing requirements – so it has provided a huge cost saving to us as an organisation. The fact that we’ve also managed to dramatically reduce the overall cost of ownership means that it’s a win-win all round!”
Commenting on the announcement, Egress Software Technologies Chief Executive Officer Tony Pepper stated: “We are delighted that HCA has chosen to secure their highly sensitive patient information using Egress. When it comes to information security, one size does not necessarily fit all, and at Egress we focus on working with our customers to provide cutting-edge email and file encryption solutions. In the majority of cases, this means aligning the solution to existing business processes so that information security does not get in the way of day-to-day work.
“Most importantly, now that HCA has an email and file encryption solution that is being successfully adopted across the business, their medical staff can continue to deliver the highest levels of patient care, while at the same time minimising support costs and any risk of data loss or reputational damage.”