Parsley Health’s innovative patient care includes protecting PHI with Nightfall
HQ Location: New York, NY
Martín Beauchamp, Manager of Infrastructure & Security
Parsley Health launched in 2015 as a new approach to healthcare: a focus on holistic health with a hybrid care model of online and in-office visits. Members pay a flat monthly fee to gain access to doctors and health coaches that help manage chronic health concerns like hormonal imbalances and autoimmune disorders. With medical care including labs and doctor visits combined with lifestyle coaching and nutrition support, people can have flexible tools to maintain a healthy lifestyle.
Parsley Health’s online presence has powered its nationwide growth over the last five years. As membership grows, so do concerns about protecting their members’ private health data. Collaboration in the cloud allows the Parsley Health team to move quickly and create the best health outcomes for their members. Martín and his team needed a way to protect sensitive personal data from being exposed in Slack. Nightfall was up for the challenge.
Stronger security makes good business sense
Martín Beauchamp leads the team that manages Parsley Health’s infrastructure. As being responsible for data security, Martín has to ensure that Parsley Health’s cloud platform runs smoothly for members and remains secure. Growing the membership base relies on strengthening trust in Parsley Health’s ability to protect private health data.
“I’m leading the initiative to get Parsley Health HITRUST certified,” says Martín. “It’s the de facto standard for information security in healthcare, and it’s part of a larger strategic objective to increase our membership base.”
To maintain HITRUST security standards, his team needed a way to secure protected health information (PHI) in Slack. The collaboration platform is excellent for helping teams get things done, but it lacks the necessary security controls to prevent PHI from being lost or exposed. When Martín tried to obtain a business associate agreement (BAA) with Slack, he found a DLP solution was necessary to complete the process. Nightfall covered this requirement, so it was an easy decision to add our cloud-native DLP to Parsley Health’s Slack.
“We have a larger obligation to protect our members’ PHI and make sure that it is shared through secure means and when it’s appropriate,” says Martín. “Nightfall works as an additional layer of protection against sharing information improperly.”
“We see Nightfall as an additional layer of protection against sharing information improperly, in addition to our other initiatives like employee training and awareness around HIPAA and our obligation to protect our members’ privacy.”
Simplifying cloud data protection
Speed matters for startups. Maintaining and supporting organization-wide security policies means major decisions must be made quickly. Martín was able to implement Nightfall DLP for Slack, quickly, thanks to fast setup with no tuning required.
Nightfall makes sense for Parsley Health, as a solution that supports healthcare data compliance standards and regimes like HITRUST and HIPAA, and as an organization that understands the unique challenges that healthcare infosec leaders face in their everyday work.
“The sensitivity of PHI is our biggest challenge,” says Martín. “This data is enormously valuable to our members. My team understands how important it is for us to keep Parsley Health safe and secure, and exceed the expectations of privacy that our members have of us.”
One way Nightfall adds value to Parsley Health is by providing laser-focused data security for PHI that supports HITRUST compliance, all with a simple and quick setup.
“The biggest problem with other DLP tools from an operational perspective is false positives and rule management,” Martín says. “Nightfall uses AI to simplify rule management. The promise that we would not have to write regexes was really alluring to us. So far, Nightfall has kept that promise.”
“Nightfall uses AI to simplify rule management. The promise that we would not have to write regexes was really alluring to us. So far, Nightfall has kept that promise.”
Nightfall makes DLP seamless
Adding Nightfall DLP to Parsley Health was a seamless process. Thanks to the lightweight setup and 100+ detectors configured out-of-the-box, there’s no need to worry about false positives or detector spikes. Getting the results they expected without additional operational overhead saved significant time and cost for Martín’s team.
“There’s only a few of us on the team and we have this huge, overarching security initiative,” Martín says. “We can work on this without distractions. It’s very valuable to us.”
Nightfall brings expertise on protecting data in the healthcare industry plus partnership connections with Slack — making an easy decision to bring our DLP on board for Parsley Health.
“The sales process was extremely lightweight,” Martín says. “Our account executive worked with us on pricing. We had to find a solution that fit within our financial constraints, so the overall low overhead in operating Nightfall is a great benefit.”
Changes come quickly for all of us in cloud security, especially during a pandemic. As Nightfall changes, we keep our clients up to date on our latest news and product updates, something that Martín and his team value. Our commitment to providing cloud-native DLP to healthcare organizations like Parsley Health means security leaders like Martín can focus on strategies to constantly improve and help their companies grow.
“We will continue to respect our obligation to our members to keep their data private,” Martín says. Nightfall is honored to be the cloud DLP solution that makes that vision possible for Parsley Health.
“I really like Nightfall’s reporting. Having the visibility into what the platform is doing with PHI alerts gives me insight into what the Parsley Health employees need from their communications tools. It helps us provide them with tools that match their workflows and meet our privacy requirements at the same time.”
Nightfall is the industry’s first cloud-native DLP platform that discovers, classifies, and protects data via machine learning. Nightfall is designed to work with popular SaaS applications like Slack & GitHub as well as IaaS platforms like AWS. You can schedule a demo with us below to see the Nightfall platform in action.