At Nightfall, our mission is to discover and secure sensitive data in every cloud application through a cloud-native, accurate, and performant platform. Since 2019, Nightfall has partnered with some of the world’s most innovative organizations to proactively eliminate data security risks across a fleet of SaaS applications via our native integrations for Slack, Atlassian Jira, Confluence, Google Drive, and GitHub.

We’re excited to announce that Nightfall is partnering with Virtru, a renowned leader in email and SaaS encryption, to provide customers with an encryption solution for securing PHI in Gmail and Google Drive. Combined with our existing Google Drive data loss prevention (DLP) integration, this new solution will provide fully integrated compliance and security coverage for Google Workspace.

HIPAA requires covered entities and business associates to secure protected health information (PHI). Failing to do so can result in steep fines and penalties. Some PHI breaches, however, are out of the organization’s control. Determined hackers can expose PHI, and employees can make mistakes — they’re only human, Despite training, rigorous security protocols, and constant monitoring, data breaches can happen.

HIPAA compliance requires covered entities and business associates to secure protected health information. Social Security numbers, medical record numbers, health plan beneficiary numbers, account numbers, and names of patients, relatives, or employers all must be secured from unauthorized access. The penalties and fines for HIPAA violations can be steep — in some instances reaching millions of dollars. And, HIPAA isn’t prescriptive about what it takes to be in compliance.

Those who work in the healthcare industry know: HIPAA compliance is often fiercely enforced by the Department of Health and Human Services, and penalties can be steep. “Each covered entity is required to implement safeguards to prevent the unauthorized disclosure of PHI. These safeguards will vary depending on the size of the covered entity and the nature of healthcare it provides, but the penalties for failing to safeguard the integrity of PHI can be extremely high.

HIPAA’s regulations refer to two parties: a covered entity and a business associate. These groups are required to achieve PHI compliance. Specifically, this means these groups are liable for protecting the confidentiality, integrity, and availability of personal health information.

The Nightfall blog is a knowledgebase for cybersecurity professionals with news and insights from the world of cloud security. Each week, we’re publishing new content to help you stay up-to-date on cybersecurity topics and to prepare you for the issues and threats that occur every day on the job.

Sensitive data often makes its way into logs. Though most of the time unintentional, these incidents have the potential to do a lot of damage, as they usually involve exposure of API keys, passwords, and customer data that can give attackers access to critical business data or put companies at compliance risk. This is why it’s important for organizations to be proactive about securing their logs.

We’re pleased to announce that Nightfall is partnering with Hanzo, a best-in-class enterprise e-discovery and investigations platform. Hanzo’s offerings, now powered by Nightfall DLP, include Nightfall’s machine learning detectors as part of Hanzo’s core functionality.

The current wave of digital transformation that has brought more and more businesses online has also introduced an unwelcome side effect: the surface area for attacks has ballooned. As individuals and businesses migrated their sensitive transactions into cloud applications, cloud service providers became responsible for providing high-fidelity data security.