FairWarning - Rethinking Data Privacy, Security, and Governance to Build Trust

As the value of data rises, data privacy and security has become a major concern for organizations. FairWarning was founded in 2005 to protect patient data, creating the patient privacy monitoring category. The platform connects data from the EHR and other healthcare applications to identify impermissible patient record access, including data breaches. Over the years, FairWarning has continued to innovate by listening to customers and the market to proactively address stated and anticipated needs.

In 2015, FairWarning expanded its data monitoring capabilities to include applications beyond healthcare-specific systems. FairWarning now helps customers protect data in Salesforce,  Office 365, and numerous other popular applications. Across these applications, FairWarning helps identify areas of risk from access control, privileged user monitoring and data exfiltration, helping to create a culture of security and reinforce trust. This helps organizations comply with key regulatory requirements across industries and localities, including HIPAA, GDPR, PCI, SOX, and FINRA.In mid-March 2020 when the impact of the coronavirus was just starting to become visible, the company quickly developed a COVID-19 reporting module to help customers track COVID-19 patients and associated record access. Within two weeks, the module was expanded into a customizable dashboard for all key privacy tracking data associated with COVID-19 patients. Hospitals could then review the data in a single pane of glass to maximize efficiency during the pandemic.

Preventing data breaches

The average data breach costs $3.9 million. For Healthcare it’s $7.1 million. FairWarning helps healthcare providers avoid that risk by detecting, remediating, and even preventing data breaches in compliance with HIPAA. It starts with early detection. FairWarning applies complex algorithms and AI to every record access to assess whether it is a potential breach, flagging those that represent a high risk. Once a breach has been detected, they help customers navigate the next steps through their investigation module and, if necessary, implement remediation actions. This closed-loop process feeds FairWarning’s extensive healthcare privacy data repository and AI engine in a continuous cycle of improvement. When serious incidents occur, health systems seek out FairWarning because they deliver what the OCR expects in a compliance action plan.

But the ultimate goal is prevention – no breaches means avoiding fines and headlines. In addition to identifying suspected breaches, FairWarning also identifies violations of the policies put in place to prevent breaches. This monitoring helps in two ways. First, knowing that policies are being monitored reduces the likelihood of an employee violation. Second, when a violation does occur, it is an opportunity for education about both the policy and the importance of protecting patient privacy. FairWarning and their customers talk about this as creating a culture of privacy. Whatever you call it, by identifying loopholes and closing them early, the risk of a breach is reduced.

Beyond patient privacy

Drug diversion is an unfortunate reality that most health systems deal with and the consequences can be dire –patient harm, fines and regulatory liability for the health system and loss of career, freedom or even life for the diverter. FairWarning Drug Diversion Intelligence helps find and address instances of drug diversion. The system looks for patterns of behavior and anomalous activity using analytics and artificial intelligence, alerting customers when potential diversion is likely. Additionally, it provides a trail of data that both encourages reticent managers to act and helps organizations respond to law enforcement investigations.

Literal lives are not at stake when it comes to data in CRM or office productivity applications, but livelihoods are. When a departing employee decides to export business critical information from one of these systems, it could devastate the company without the company ever knowing what happened. Ex-employees and compromised credentials represent similar threats. FairWarning acts as a safety net for these and other privacy and security situations to protect an organization’s valuable data stored in applications like Salesforce, Office 365, Google Drive, Box and Dropbox. Fundamentally, FairWarning helps organizations protect the privacy and security of data held in mission-critical applications through user activity monitoring. They provide visibility into risky, abnormal behavior and help manage the full lifecycle of incidents, including forensic investigations and compliance processes.

The user-friendly solution is the key

Whether you talk to them or their customers, it’s clear that customer service is a priority for FairWarning, and part of that is a focus on ease of use. They deliver in numerous ways - user interface, proactive alerts, automatic tracking, and integrations. Customers are provided with easily accessible reports and dashboards that supply the information they need. Customers can set up alerts to be notified when there is an issue that needs to be reviewed. If an incident is determined to need investigation, the FairWarning platform can be used to track an event’s progress from start-to-finish, automatically importing the information from the initial alert. FairWarning’s solution integrates with practically any application organizations use thus extending the value of the privacy protections they provide. For U.S. health system customers, FairWarning also offers managed privacy services that act as an extension of their teams to make monitoring privacy even easier.

About the CEO: Ed Holmes

Ed is a seasoned technology leader and has directed many companies in a variety of growth stages. The integral focus of his career has been on delivering value to customers and he is delighted to lead an executive team that shares that dedication. He is committed to building on FairWarning’s already strong reputation as a privacy company delivering robust and innovative data protection and security solutions and expert services. Ed was previously the CEO of Peoplenet, a leading provider of cloud software for the staffing industry,

until its acquisition by Bullhorn in 2017, at which time he became the SVP of Workforce & Revenue Cloud at Bullhorn. Ed has spent his career in software and technology applications that serve Fortune 500 companies, including roles as both CIO and CEO.