Press Release

Content Security and HIPAA Compliance Assured with kiteworks When Sharing Protected Health Information

Accellion, Inc., the leading provider in hybrid and private cloud secure content collaboration, today announced kiteworks has been selected as the platform of choice for NYC Health + Hospitals in ensuring compliance with patient data privacy regulations during collaboration between medical staff and their external partners.

NYC Health + Hospitals is the largest municipal public health care system in the US, managing a network of 70 care centers including hospitals, trauma centers, neighborhood health centers, and other facilities, and providing healthcare services to over one million New York City residents every year. Its doctors, researchers and other staff frequently share and collaborate on high volumes of patient data and other sensitive information with internal colleagues as well as with external partners including City and State agencies.

Healthcare organizations are under increasing pressure to protect patient data, not only to ensure patient privacy and demonstrate compliance with HIPAA, but also to limit exposure to the risks of ransomware and other malicious attacks. With these imperatives, NYC Health + Hospitals developed a plan to identify and implement a collaboration solution that would enable clinicians to securely share and collaborate on patient data and other protected health information (PHI) with both internal users and external partners. Accellion was uniquely qualified to provide a security-first, HIPAA compliant collaboration solution that integrated with their existing systems and platforms and complemented current workflows.

A key component of the Accellion solution at NYC Health + Hospitals is a plugin for Microsoft Outlook, providing a convenient and secure method for clinicians and administrative staff to send attachments containing PHI or other sensitive information to external partners. With the Outlook plugin, staff can easily share content directly from their email application. When users “attach” a file to a message, instead of sending the file as part of the message, the email provides only a link to the content which is stored in kiteworks. Sensitive information is further protected in that kiteworks requires the email recipient to authenticate before opening the link and accessing the file, further ensuring an unauthorized user doesn’t gain access to the content.

“Our doctors and nurses handle large volumes of protected health information and it is our responsibility to ensure that this is done securely,” said Soma Bhaduri, director of Information Security & Risk Management at NYC Health + Hospitals. “With kiteworks, we can connect to our content repositories from a single platform and share PHI securely with our trusted partners through Outlook – an intuitive interface that our staff uses all day, every day. And because any file accessed or moved through kiteworks is fully auditable, we have valuable insight into all file activity involving PHI and are able to demonstrate compliance with HIPAA. We view these features as critical capabilities and therefore consider Accellion a crucial component to protecting patient data and ensuring patient privacy.”

Accellion will be hosting a webinar today at 1pm ET / 10am PT featuring Soma Bhaduri of NYC Health & Hospitals entitled “Shatter Barriers in the Patient Information Journey to Improve Care.” The webinar will explore key data security and governance strategies for sharing health data internally and externally to meet and demonstrate regulatory compliance. To register for the live webinar or access an archive recording, please click here.

For more information about how kiteworks helps healthcare organizations collaborate on PHI and demonstrates compliance with HIPAA and HITECH, please visit: www.accellion.com/solutions/healthcare/.