CASE STUDY
Valley Youth House Seeks Out HIPAA-Compliant Email Encryption for Sharing Sensitive Data Internally and Externally
Shaun Michel
IT Director
-
INDUSTRY
Healthcare
-
COMPLIANCE
HIPAA
-
PRODUCTS
Virtru for Google Gmail, Virtru for Microsoft Outlook
See Virtru in Action
HIPAA Compliant, End-to-End Encryption for Email
With Virtru, Valley Youth House can now:
- Provide the entire organization with an easy-to-use, HIPAA-compliant email encryption solution.
- Securely communicate with partners, agencies, and other third-parties without having to rely on TLS encryption.
- Improve their services through more efficient collaboration and communication.
Valley Youth House is a nonprofit organization that provides counseling, life skills training, housing, and emergency support to vulnerable, abused, and homeless youth. The agency partners with thousands of individuals annually to build a solid foundation for young people and their families. Because Valley Youth House provides behavioral and mental health services, they are required to comply with the Health Insurance Portability and Accessibility Act (HIPAA) and needed an email encryption solution for sharing information between staff, government agencies, and other partners. We spoke with Shaun Michel, IT Director, to learn why he and his team selected Virtru as their HIPAA-compliant data protection solution.
Client Privacy Is the Primary Concern
“Our youth clients are sophisticated enough to know that their most personal data is available to many different people for the purpose of providing services. Many of them have had negative experiences where their personal data has been misused or abused in the past. On top of that, many of our clients are teenagers and are sensitive to people talking about them. We respect that many of our youth clients understandably have reservations about what Valley Youth House employees may know about them; protecting their privacy is our primary concern.”
The Challenge with HIPAA Compliance and Email
“Aside from client privacy, HIPAA compliance is our other top concern as an IT department. Valley Youth House provides behavioral and mental health services for youth and their families and with this comes the responsibility of ensuring that HIPAA requirements are met when sharing protected health information (PHI).
“We deal with a lot of different funders, local governments, and local youth services agencies and we constantly need to share information back and forth. Some of it is extremely sensitive because it covers family history, mental health, and drug abuse issues. We value our clients’ privacy, and although we have to share their data, we must also be able to protect it.
“Case workers need to be able to share PHI back and forth and email is the path of least resistance, but prior to Virtru, email was not always HIPAA compliant. Previously, we relied on TLS encryption to protect PHI shared via email, but many of our case workers and staff members were communicating with partners who didn’t support TLS. We reached a point where we knew we had to take matters into our own hands and seek out an email encryption solution that checked all the boxes: HIPAA compliant, user-friendly for both the sender and the recipient, and end-to-end encrypted.”
A Domain-Wide Solution
“We first considered deploying Virtru with just our behavioral health employees. But the reality is that sensitive data is flowing throughout each and every department. We needed to reign it in and take control of the data we are entrusted to protect. In the past, we had explored using Zix, but their DLP rules simply weren’t reliable.
“With Virtru, everything is both extremely straightforward and flexible in terms of the control that we have over encrypted email content. For example, client case numbers are not something that people typically think could be sensitive data so being able to supplement Virtru’s default HIPAA rule pack with our own custom rules has proven to be extremely beneficial.
“Once we had the green light to move forward with Virtru, we were up and running very quickly and our employees saw how easy it is to encrypt an email before sending it. With Virtru, we are not adding any additional layers of complexity to our email workflows. Everyone—from the CEO to our case managers—agrees that Virtru doesn’t obstruct the way we communicate over email, but rather makes for a better experience. When staff can send an email without having to worry about client privacy or compliance, it makes their job that much easier.”
Valley Youth House Seeks Out HIPAA-Compliant Email Encryption for Sharing Sensitive Data Internally and Externally
Download Case StudyRelated Resources
Get expert insights on how to address your data protection challenges
/resource%20-%20promedtek/ProMedTek-cover.webp)
ProMedTek Protects Veteran Healthcare Data Across Distributed Contractor Network with Virtru
“The Fastest Deployment Ever” — How Vivo Care Transformed Patient Communication
/case%20study%20-%20Rescrybe/Rescrybe-Tile.webp)
Virtru Gateway + Zoho CRM: How Rescrybe Protects PHI While Automating Patient Outreach
/case%20study%20-%20evergreen%20life%20services/ELS-RESOURCE-CARD.webp)
Virtru Gateway Powers HIPAA Compliance for Nonprofit Disability Advocate Evergreen Life Services
/case%20study%20-%20form%20health/form-health-resource-card.webp)
Security Architecture That Speaks to Engineers: Why Form Health Chose Virtru for Gmail
/case%20study%20-%20trudatarx%20anonymous/trudatarx.webp)
TruDataRx: Securing Healthcare Communications with Virtru's Seamless Protection
/resource%20-%20two%20point%20conversions/twopoint.webp)
Two Point Accelerates Data Migrations with Virtru for PHI Security
/resource%20-%20healthy%20business%20group/hbg.webp)
Healthy Business Group Enables Fast, Secure Data Exchange During Benefits Enrollment
Annexus Health Protects Customer PHI, Intellectual Property, and Other Sensitive Data with Virtru for Gmail
Bennie Automates HIPAA Compliant Data Workflows in Gmail and Zendesk
iRhythm Technologies Protects Heart Health Research with Virtru
/resource%20-%20fairsky%20case%20study/fairsky-logo-case-study.webp){kind=logo}