Aaron’s protects data in custom applications built on ServiceNow with the Developer Platform – Watch the story.
Years of Bariatric surgery
Staying safe in Slack: Blossom Bariatrics counts on Nightfall for HIPAA compliance
Years of Bariatric surgery
HQ Location: Las Vegas, NV
Artemus Hules, IT Manager
The bariatric surgery market is growing year over year in the United States, from 158,000 surgeries in 2011 to 252,000 surgeries in 2018. Over the last decade, weight loss surgery demand has increased, leading to a boom in the number of clinics offering these procedures. Blossom Bariatrics has become one of the premier bariatric surgery clinics in the Las Vegas area. They provide surgical treatment options for weight loss, plus hernia, gallbladder, and anti-reflux surgeries.
Blossom Bariatrics specializes in medical travel. Their most popular program is Fast Track, which attracts patients from around the U.S. looking for gastric sleeve surgery. At Blossom Bariatrics, patient care goes beyond the operating room. Blossom Bariatrics offers pre- and post-surgery care resources with diet and lifestyle coaching from the staff, videos to prepare for surgery, and an app to help patients through every step of the process. They also produce a podcast that addresses questions and concerns for weight loss surgery patients.
Providing a high level of patient care while expanding the business posed challenges for Blossom Bariatrics, namely maintaining HIPAA compliance in Slack. As the clinic grew and hired more staff, IT manager Artemus Hules took on the challenge to unite every team’s communications into one Slack organization. With that move, Artemus faced a major obstacle — ensuring patient data was kept safe and confidential at all times in Slack. Nightfall DLP for Slack provides the protection Blossom Bariatrics needs to stay HIPAA compliant.
Protecting PHI across all Slack communications
Combining all team communications onto Slack was a long time coming for Blossom Bariatrics. The executive and medical teams weren’t aligned on the same communications platforms. As Artemus worked on uniting internal communications on Slack, he started researching how to ensure HIPAA compliance on the platform. One key aspect was meeting Slack’s HIPAA-compliant DLP requirement.
“When I did research into the different DLP platforms available, I found Nightfall’s Office Hours session on how to be HIPAA compliant in Slack,” Artemus says.
The Office Hours presentation helped Artemus see Nightfall’s DLP for Slack in action and how easy HIPAA compliance within Slack can be with our tool. He contacted us immediately after the presentation, and soon Blossom Bariatrics had their HIPAA compliance in Slack up and running with Nightfall.
“Nightfall gives us a secure way to consolidate our communication infrastructure. Our biggest pain point with HIPAA is that rules are somewhat nebulous. Things change a lot. We tend to prefer an overabundance of caution. It’s nice to know that I can get alerts for every potential issue.”
Simple, automated, and affordable DLP coverage
The IT needs of a busy medical practice like Blossom Bariatrics can tax the entire organization’s bandwidth. A simple, automated DLP solution like Nightfall was the right fit for Artemus and his team. “HIPAA rules are somewhat nebulous and can change,” he says. “We tend to overcorrect on our security because of this. With Nightfall, it’s nice to know that I’m getting alerts for everything that could potentially be an issue.”
Securing patient protected health information (PHI) within internal communications is an essential function of Artemus’ role. It’s an impossible task to do without support, and Nightfall does it better than other DLP solutions given the platform has over a hundred machine learning detectors for common types of PII and PHI like names and medical information. Nightfall also has automated reporting features to notify users of potential problems. Working with our automated solution takes the guesswork out of DLP — and provides customizable controls to help Artemus scan for any sensitive data across his team’s Slack workspace.
Nightfall’s DLP for Slack product provides a complete solution for Blossom Bariatrics. When Artemus was putting together his ask to clinic leadership for a DLP platform plus Slack, he could feel confident presenting Nightfall as an affordable and effective investment in the organization’s security posture. “I knew I could go to my bosses with Nightfall and get a yes,” Artemus says. “The fact that Nightfall is affordable and simple with quick setup got us that yes. We’re very happy with it overall.”
“Nightfall is simple, affordable, and fast to set up. Without a simple, affordable DLP solution, we probably wouldn’t have been able to use Slack Enterprise and stay HIPAA compliant within the tool.”
Growth + security = success
HIPAA compliance in Slack was one major obstacle for Blossom Bariatrics to clear on their growth path. Nightfall DLP for Slack makes a huge difference for Artemus and his team, but the value goes beyond detecting business-critical data in their communications platform.
“Nightfall’s staff and support team have been fast and knowledgeable when I reach out,” he says. “They’ve also shared upcoming features from the roadmap that we’ll want to see for the future.”
Now with Nightfall in place, they can focus on expanding the practice to serve more patients in need of weight loss surgery. As Blossom Bariatrics grows, they’ll need to rely on Slack even more as staff members communicate across separate offices, and possibly face challenges due to COVID-19.
“We need easy, reliable, and secure communication,” Artemus says. “Eventually we’d like to have Nightfall sitting on top of our other collaboration platforms, like our internal wiki.”
We’re excited to see where Blossom Bariatrics is headed next, and we’re proud to be a part of their cloud security stack.
“The other DLPs I looked into were a lot more complicated than Nightfall. Simplicity is my number one favorite feature of Nightfall. The fact that it was plug and play surprised me. The staff and support team has been very quick and knowledgeable too.”
Nightfall is the industry’s first cloud-native DLP platform that discovers, classifies, and protects data via machine learning. Nightfall is designed to work with popular SaaS applications like Slack, Google Drive, GitHub, Confluence, Jira, and many more via our Developer Platform. You can schedule a demo with us below to see the Nightfall platform in action.
Schedule a Demo
Select a time that works for you below for 30 minutes. Once confirmed, you’ll receive a calendar invite with a Zoom link. If you don’t see a suitable time, please reach out to us via email at email@example.com.