BlackFog vCISO to Secure Patient Data

Like any organization in the heavily regulated healthcare industry, L&R of Chesterfield’s biggest IT challenge was to be able to secure patient data. Prior to the Covid-19 pandemic, patient records were not electronic, but everything changed when the organization moved away from pen and paper.

Securing the data was no longer as simple as locking the filing cabinet, electronically storing and sharing patient data brought new challenges. With staff now working from laptops and in many cases mobile phones, sometimes their own devices, L&R needed to ensure that they were doing everything they could to secure the data and be HIPPA compliant.

When L&R was renewing their insurance policies their broker suggested they look into cyber insurance. Executive Director for L&R Lisa Nashette explains, “prior to taking our systems electronic we really had no need for cyber insurance. But when the time came to renew our policy I had been hearing so much more about cyberattacks, and we were transitioning to a fully digital model, so I knew it was time to review our options and add cyber coverage to our policy.”

L&R’s cyber insurance partner Evolve MGA then provided some information around products that could help bolster their cybersecurity defense, BlackFog’s ADX technology was recommended as a preventative solution to prevent cyberattacks and data exfiltration.

“We wanted to go beyond basic cybersecurity tools and add another protective layer. Our insurer made some recommendations and I reviewed a few of them. The more I learned the more I realized BlackFog seemed like the total package. I needed a preventative ‘hands off’ solution that would protect our data and BlackFog ticked those boxes.” Commented Lisa.

L&R decided to test BlackFog in their environment over a two-month period. Lisa continued, “I really liked the fact that BlackFog was protecting our laptops and mobiles, it was doing exactly what I needed it to do, and when I learned that BlackFog could offer me a virtual CISO (vCISO) service it was the icing on the cake. Once I learned about the full service option I didn’t need to focus on the technical aspects of the product anymore, I just had peace of mind that we were protected.” 

L&R decided to purchase BlackFog’s vCISO plan which is a fully managed service. This hands-off approach ensures that they are protected 24/7 by BlackFog’s threat intelligence team. Lisa commented, “my vCISO sends me reports so I can keep on top of what’s going on, and I love the fact the email always starts with ‘nothing to worry about’. He checks the console on a regular basis and manages that for me. We have a regular monthly call but other than that it’s hands off. 

BlackFog deals with issues and alerts, I can log in and see what’s happening but I can put it on the back burner knowing that we are covered. I’d absolutely recommend this service to other organizations who don’t have the bandwidth to manage their IT security in house.”