Empowering tech-enabled health insurance: Ensurem relies on Nightfall DLP to protect data & ensure HIPAA compliance

Industry: Health insurance brokerage

ensurem logo

Employees: 175

HQ Location: Clearwater, FL  

Mike Aja, Director of Technology      

Ensurem is a fast-growing startup that’s shaking up how seniors shop for and purchase health and life insurance. The Florida-based insurance broker takes creative approaches towards solving a growing issue by providing affordable and easy to understand options for Medicare users looking for the right insurance options. They’re challenging the historically slow pace of the health insurance industry by using technology to deliver insurance products to their customers and using AI to predict customers eligibility for Medicare plans.  

As Ensurem’s Director of Technology, Mike Aja is tasked with keeping customer data safe across all the tools Ensurem’s agents use to help customers purchase Medicare policies. The company is built to be agile and creative, so Mike and his team needed a data loss prevention (DLP) solution that would fit the same mold. Ensurem uses Nightfall Enterprise for Slack to protect sensitive data and ensure HIPAA compliance for every interaction across their vast national network of agents.      

The challenge

One of the biggest challenges for an insurance broker like Ensurem is facilitating sales across all 50 states. Ensurem’s team of over 100 agents aren’t all licensed to sell insurance policies across different states, so the technology team needed a way to make communicating between agents much more efficient and secure.  

To facilitate sales, the agents need to pass customer information among their teams to get the customer connected to the correct agent that is licensed in their area. Now that everyone across the company is working remotely due to COVID-19, the need to connect across time zones and home offices is even greater.  

Ensurem - Mike Aja

Mike Aja is the security and technology leader at Ensurem (photo courtesy of Mike Aja)

“Those communications in Slack could contain personal health information, bank routing numbers, or social security numbers, all in one string of data,” says Mike. “We needed a way for the agents to get the information they needed quickly and easily.”

Slack makes it much easier and faster for Ensurem agents to discuss anything related to sales across the country. However, since the SaaS platform isn’t HIPAA compliant out of the box, Ensurem was at risk of data exfiltration and falling out of compliance without a DLP solution.  

“We needed data loss prevention and to stay in compliance with the Medicare system, the government, and insurance carriers like Aetna and Humana,” Mike says. Nightfall DLP for Slack provides Ensurem with both functions in one tool — keeping customer data safe from flowing between unsecured channels and allowing agents to seamlessly connect across their networks and reach more Medicare users in need of new insurance policies.    

“Slack is our main internal communication platform. It’s where we do our chats, all of our meetings, and our file sharing. Having Nightfall’s DLP integration with Slack provides us peace of mind.”

Bringing safer technology solutions to a new user group

Seniors eligible for Medicare benefits are Ensurem’s main customer segment. This sometimes creates a mismatch: a demographic that may lack the level of tech savvy working with a fast-rising startup to shop for and purchase insurance. Mike notes that many senior customers will send their own sensitive data to Ensurem agents, like social security numbers. The high amount of PHI at stake of exposure put strain on their technology systems every day before they chose Nightfall.  

“Nightfall works well in Slack without a lot of user interaction,” Mike says. “It helps a lot that their social security number database is live and will screen for actual social security numbers instead of just the number pattern.”  

The automated scanning solution catches potential internal security events before they happen. Maintaining HIPAA compliance is a multi-faceted task for Mike and his team. Whether it’s an incident involving a private insurer, the Medicare system, or the federal government, Mike can be confident that Nightfall DLP for Slack covers his compliance and DLP needs.    

“With Nightfall, we can manage any kind of behavior within Slack that becomes a problem. We can quarantine data and messages and create our own rules to disallow wasted effort from our employee communications in Slack.”

Making complex security problems simple to handle

Nightfall DLP for Slack provides security for Ensurem’s complex DLP issues through customizable alerts and workflows to block improper use of information sharing in Slack. Mike and his team can also feel secure knowing they can reach out to Nightfall at any time with questions or ideas about how to use DLP for Slack.   

“It’s been very good communication between us and Nightfall,” Mike says. “I can connect with them for a sync within minutes of reaching out.”  

Building a cloud security stack is a tough task, especially when data remains siloed across multiple systems and very few platforms are secure. With Nightfall, Ensurem has one more tool to keep their customer data safe and help the company stay compliant with the many high standards they have to follow. 

“I know I can get in touch with my Nightfall account executive or customer success contacts quickly with minimal effort on my end. I always feel comfortable reaching out if I need something.”

Join us for an upcoming Nightfall Office Hours session.

If you’re interested in learning more about Nightfall for Slack, you can view our Guide to DLP on Slack or schedule a brief demo with our team below.

Share this post: