Webinar: Join us, Tues 5/24. Nightfall & Hanzo experts will discuss how machine learning can enhance data governance, data security, and the efficiency of legal investigations. Register now ⟶

Carnelian Assisted Living implements HIPAA-compliant DLP in Slack with Nightfall

Adlai Grutas, co-owner

Industry: Elder care 

Profile: Carnelian Assisted Living is an assisted living community in Walnut Creek, California. They provide activities of daily living (ADL) care for elderly patients with dementia, like assistance with dressing, bathing, eating, and taking medications. The staff at Carnelian Assisted Living coordinate care for their patients with the patients’ families and physicians via Slack for efficient and fast internal communications. Because families trust Carnelian Assisted Living to provide daily care for their loved ones, co-owner Adlai Grutas identified the need to protect sensitive healthcare information for all patients within their Slack workspace. Nightfall allows Carnelian Assisted Living to secure all data within their Slack with easy to use data loss prevention (DLP) integrated directly into their Slack platform.

HIPAA requirements as a goal for data security

Carnelian Assisted Living co-owner Adlai Grutas understands the value of strict data security for the patients at his facility and made HIPAA-compliance standards a goal for Carnelian Assisted Living in Slack. 

“We handle a lot of patient health information in our Slack, so we have internal best practices to follow HIPAA compliance requirements and train our employees on how to safely work with this kind of information,” says Adlai.

Along with strong data security controls, Adlai and his team needed a wider view into the sensitive data that exists in their Slack, including what’s contained in messages and files shared among the Carnelian Assisted Living staff. Tracking down individual messages and monitoring every channel manually is an inefficient approach to data security. Carnelian Assisted Living turned to Nightfall for automated scanning in Slack and HIPAA-compliant data security all in one platform.

Automated data security in Slack made easy and quick

Nightfall’s high accuracy detection powered by machine learning-based detectors makes it easy for Adlai and his team to find the data that must be protected within Slack. One of Carnelian Assisted Living’s biggest data security concerns is sensitive data being posted in the wrong place in Slack. Adlai and his team can scan their entire Slack workspace for protected health information (PHI) like social security numbers, patient names,email addresses, and ICD-10 codes to get notifications when PHI is being shared inappropriately.

“Nightfall allows me to see everything that is being posted in the channels in Slack. I get a notification each time PHI is posted to inappropriate channels. From there, I’m able to inform the user that they’re not following our internal data sharing policies. In the cases where critical data is shared in Slack, I can quarantine or block it in the moment. I don’t have to dig through each channel or every piece of information to find a violation. In the time it would take me to do all that, anyone in the company could have seen or downloaded the sensitive data. Nightfall flags everything for me,” says Adlai.

Nightfall provides simplified data security for Adlai and his team with pre-tuned detectors for PHI right out of the box. With setup and deployment complete in minutes, Adlai’s team had HIPAA-compliant DLP in Slack up and running almost instantaneously. “Nightfall saves us several hours a week that we would spend manually monitoring and managing data in Slack, looking for HIPAA violations. I don’t have to constantly monitor Slack anymore. I let Nightfall run scans and flag the data I need to review,” says Adlai.

Data security awareness for the entire organization

Since Carnelian Assisted Living added Nightfall as their DLP provider in Slack, Adlai and his team have learned valuable insights into the company’s overall security posture. “I was surprised to learn how much sensitive information we were sharing on Slack. Before we had Nightfall, I didn’t know how big the issue was,” says Adlai.

They implemented Nightfall with HIPAA compliance in Slack in mind. Nightfall’s automated scanning also helps Adlai and his team find other sensitive information they’re sharing in Slack, which is helping them craft a better overall security program. 

“Internally we share our company credit card numbers in Slack when making purchases for the business, or there’s sensitive information that we don’t realize is in documents that we’re sharing among the team. Whether we’re posting a picture of a credit card or sharing a PDF with PHI in it, Nightfall identifies these types of data and notifies us right away,” says Adlai.

Nightfall is a fast, reliable, and actionable DLP solution that makes it easy for Carnelian Assisted Living to maintain HIPAA-compliant communications in Slack. 

“Nightfall is the most cost-effective and easy to use DLP solution out there. It works right out of the box. The predefined detectors allow us to scan for data we need to protect. Other DLP solutions cost five to 10 times more and are too cost-prohibitive for a small business like ours.”

Nightfall logo icon

About Nightfall

Nightfall is the industry’s first cloud-native DLP platform that discovers, classifies, and protects data via machine learning. Nightfall is designed to work with popular SaaS applications like Slack, Google Drive, GitHub, Confluence, Jira, and many more via our Developer Platform. You can schedule a demo with us below to see the Nightfall platform in action.


Schedule a Demo

Select a time that works for you below for 30 minutes. Once confirmed, you’ll receive a calendar invite with a Zoom link. If you don’t see a suitable time, please reach out to us via email at sales@nightfall.ai.

call to action

See Nightfall in action.

Schedule a demo