Dataguise customers cover a wide breadth of industries as meeting regulatory and compliance requirements for HIPAA, PCI, PII and other privacy protection regulations is critical for most organizations.
Additionally internal corporate data security policies demand that information be masked to protect it from internal privileged but unauthorized users.
Existing customers come from industries and organizations such as healthcare, biotech, pharmaceutical, financial, federal and others.
Financial: PII, SOX, PCI-DSS Regulation Compliance
Financial Industry is subject to many government and internal regulations including. They do not have a shortage of sensitive data. In fact, the business of banks and large scale financial institutions depend on personally identifiable information (PII) and cardholder data. With millions of records often stored across multiple data repositories in varying locations in premise and in the cloud, protecting this type of information is paramount in order to protect customer confidence and preserve the integrity of the brand itself. Add to that the fact that banks are bound to regulations like SOX, PCI-DSS, in addition to state and foreign privacy laws, having the proper protection in place is critical.
Healthcare: HIPAA Regulation Compliance
Healthcare is an industry that is subject to a variety of government privacy regulations including the far reaching Healthcare Industry Privacy Act (HIPAA). Hospitals all need to protect large numbers of patient records. Even regional hospitals face the challenge of protecting data that resides in a wide variety of databases.
A successful regional hospital turned to Dataguise to find and mask specific data records in both Oracle and SQL. The project was driven by the chief security officer’s team and ultimately involved the principal database architects within the IT department. Thanks to DgDiscover and DgMasker, The Chief Security Officer (CSO) is now confident that all locations where patient data was stored were identified and the records properly secured according to both internal policies and external HIPAA requirements.
Biotech: Internal Corporate Security Policies
Many corporations have internal security policies but are challenged in how to effectively enforce and audit these policies. The corporate security division of a large biotech firm informed the safety division of the IT department that internal security policies required that production data not be used in a non-production environment.
In preparation for rapidly approaching internal and external compliance audits the Safety Division conducted a search of non-production databases which indicated they would fail to meet the required standards for regulatory and policy compliance standards.
Encryption was not a solution primarily due to the disruption in the workflow for the teams using production data in non-production test and development environments. The biotech firm turned to masking solutions from Dataguise. Because DgMasker is software and does not involve the laborious process of writing scripts and uses the technique of Mask in Place, the solution was implemented in a matter of weeks.
On the day of the audits the head of the corporate security division was sure that the IT department would not be successful. The Safety Division not only passed the audit but greatly reduced the cost of compliance.
Pharmaceutical: Privacy And Trade Secret Protection In Clinical Trials
During most clinical trials there is a need to share test results with a variety of investigators that are often in different locations using different data management and storage systems. It is imperative that during the process of evaluating test results the identities of participants as well as the comments and input of the clinicians involved be protected. Best practices and in some situations government regulations require that participating investigators are not able to identify the individuals participating in the trials. At minimum both the individual’s name and social security numbers must not be revealed.
A large pharmaceutical firm recognized that DgMasker provided the best solution to ensure privacy without disrupting the existing project workflow. Chief among the company’s concerns were that the information be protected not only from external attacks but also from privileged but ultimately unauthorized engaged with the trial. Benefits to the customer were rapid implementation of the solution. DgMasker was easy enough to use that is also greatly minimized future dependencies on the application knowledge of any one or two individuals within the firm.