healthcare organizations secure sensitive data and … · healthcare organizations secure sensitive...
TRANSCRIPT
Healthcare Organizations Secure Sensitive Data and Expand Regulatory Compliance with Salesforce Event Monitoring
N O V E M B E R 2 N D , 2 0 1 7
View the Replay
SPEAKERS
Bredai SnyderDelegated Oversight Program Manager Director of Sales and Solution Services
Brian Stone
AGENDA
The Care Coordination Institute’s (CCI) Background
How CCI uses Salesforce® to manage customers and meet compliance
Challenge: securing patient information and expanding regulatory compliance
How FairWarning and Salesforce Event Monitoring are used for:
• Compliance
• Information Security
CCI provides services and solutions to meet the evolving needs of clinically integrated networks (CINs), accountable care organizations (ACOs), integrated delivery systems and other healthcare providers and organizations.
2.3 Million Patients
150kManaged Lives
96Practices
7,500Providers
▪ Originally bought Salesforce as a CRM in 2013
▪ Grown to central point of Business Network for ACO clients
▪ Supports 7,500 providers
▪ Manages 150 patient investigations per month
▪ Manages 16 contracts per month
▪ Manages hires and terminations
▪ Reduced paper and manual processes by 85 %
HOW CCI USES SALESFORCE
As we entrust more sensitive information within Salesforce and grow our business, we need to ensure that we secure our data and increase compliance with federal regulations
CHALLENGE: HOW TO SECURE DATA WHILE
MEETING CLOUD COMPLIANCE
How Event Monitoring Looks in FairWarning
✓ Demonstrates event monitoring value
✓ Provides data protection and governance
for Salesforce and other cloud
applications
✓ Positions you for compliance with
privacy and security regulations around
the world
✓ Protect data accessed through mission
critical applications
✓ Forensic Investigations
✓ Insider Threat Detection and Remediation
✓ Predictive Behavioral Analytics
✓ Investigations and Governance Reporting
As required by
WHY WE CHOSE FAIRWARNING®
✓ Centralized space for trending user behavior across multiple platforms
✓ Compliance and Regulatory Adherence
✓ Created a Partner System that understands our Business, Staff and Clients
✓ Advanced Reporting and Analytics
✓ Supports multiple applications, data types, and user actions
Compliance
• FedRAMP
• HIPAA
• Data Retention to meet
regulatory requirements
• What reports are being run
• What data is being exported
• Who is logging in and from
where
Information Security
HOW WE USE EVENT MONITORING AND
FAIRWARNING
BENEFITS PROVIDED
• Accelerated informed decision making and expedited security response times
• Reduced manual processes and workload for auditing and security incidents from 2 weeks for 5 people to less than a day for two people
• Rapid and informed approach to data security
• Gained the ability to adapt and tailor each investigation to the threat at hand
• Tailored security monitoring to account for offsite and traveling employees
Where FairWarning Fits In Your Salesforce Data Protection Plan
FairWarning for Salesforce leverages the raw Event
Monitoring files and turns them into human readable
text – enabling any business-minded user to gain
powerful insights and take action.
• As you move to PHI to the cloud, you still have to
systematically monitor it.
• Just because your cloud apps are compliant with
industry regulations, doesn’t mean you are.
• User Activity Monitoring helps satisfy key
requirements in OCR audits.
Gain more insights into Event Monitoring and Salesforce Shield and join the conversation with FairWarning at Dreamforce (Booths 226 & 228). Breakout Sessions:
9:00am Salesforce Shield: Use Event
Monitoring to Drive Adoption and
Performance
9:00am Salesforce Shield:
Transaction Security and Event
Monitoring
1:00pm Salesforce Shield: Getting
Started with Event Monitoring and
Field Audit Trail
2:00pm Shield for Healthcare and
Life Sciences: Boost Security,
Compliance & Adoption
10:30am Salesforce Shield:
Protecting Your Customer’s Data
With World Class Security
11:00am Salesforce Shield Vision &
Roadmap: Taking Trust &
Compliance to the Next Level
Monday, Nov 06 Tuesday, Nov 07 Wednesday, Nov 08