Webinar: Join us, Tues 5/24. Nightfall & Hanzo experts will discuss how machine learning can enhance data governance, data security, and the efficiency of legal investigations. Register now ⟶

Blog 2 min read

Nightfall Data Loss Prevention makes HIPAA Compliance Possible

by Michael Osakwe Published Oct 08, 2020

Covered entities bound by law to follow HIPAA regulations – like healthcare providers, health plans, and others handling protected health information (PHI) – need to demonstrate efforts to secure PHI. The specific measures required to do so are detailed in the HIPAA security rule which states that covered entities must put controls into place to identify and protect against anticipated threats to the security and integrity of PHI. Covered entities must also understand their risks to PHI security and integrity. These are accomplished through a variety of physical and logical controls as well as administrative procedures informing employees and personnel about the appropriate handling of PHI.

How does Data Loss Prevention apply to HIPAA Compliance?

As a logical access control, data loss prevention (DLP) ensures that organizations can detect who has accessed a piece of sensitive data and restrict or redact sensitive information that has been shared with unauthorized parties. As such, data loss prevention is invaluable to data security as well as compliance with a number of compliance regulations like HIPAA which explicitly require logical access controls to secure sensitive information and prevent data breaches.

How does Nightfall help with HIPAA Compliance?

As a cloud-native DLP solution, Nightfall provides data security for SaaS and cloud infrastructure platforms. Both cloud software and cloud infrastructure are highly collaborative environments where data security best practices can be difficult to implement due to the large number of users in these environments and their always-on nature. Under such circumstances, security teams will likely be unable to address data security incidents without tools that can give them the appropriate level of visibility within these systems. Nightfall is designed to do so. By using machine learning detectors specifically tuned to the types of sensitive data commonly found in cloud environments, including PHI, Nightfall is capable of automating data security and providing alerts whenever PHI appears somewhere it shouldn’t, like an inappropriate Slack channel or the wrong S3 bucket.

What does Nightfall detect?

Nightfall has over 100+ machine learning detectors for a variety of PII, PHI, and other industry specific data. You can detect patient names, addresses, medical record numbers, social security numbers, as well as a number of industry codes like ICD, FDA, DEA, NPI, DOB, and more. Additionally, you can add your own regular expressions to detect custom token types. Nightfall can detect sensitive data within documents, images, and in a variety of file types.

See how Nightfall has helped peers in your industry

Learn more about organizations like Project N95, Simple Health, and Foresight Mental Health and how Nightfall has helped each of them ensure HIPAA compliance within the technologies they use.

Learn more about Nightfall for HIPAA

Learn more about what Cloud DLP is and how it works: https://nightfall.ai/resources/dlp-helps-organizations-stay-in-compliance-while-protecting-data-in-the-cloud/

See how teams can make Slack HIPAA compliant: https://nightfall.ai/how-to-make-slack-hipaa-compliant

Finally, join us for an on-demand webinar detailing what you need to know about the HIPAA security rule and how to secure Slack with DLP: https://try.nightfall.ai/hipaa-on-demand-webinar

Subscribe to our newsletter

Receive our latest content and updates

Nightfall logo icon

About Nightfall

Nightfall is the industry’s first cloud-native DLP platform that discovers, classifies, and protects data via machine learning. Nightfall is designed to work with popular SaaS applications like Slack, Google Drive, GitHub, Confluence, Jira, and many more via our Developer Platform. You can schedule a demo with us below to see the Nightfall platform in action.


Schedule a Demo

Select a time that works for you below for 30 minutes. Once confirmed, you’ll receive a calendar invite with a Zoom link. If you don’t see a suitable time, please reach out to us via email at sales@nightfall.ai.

call to action

See Nightfall in action.

Schedule a demo