TL;DR: In Short: Strac Helps Kustomer Comply with HIPAA Regulations
- Customers post sensitive personal information on Kustomer CRM.
- Strac Kustomer App is a Data Loss Prevention (DLP) software that masks sensitive comments and attachments.
- Strac allows authorized users to view those Kustomer tickets in Strac UI Vault.
- A business can configure a list of sensitive data elements to redact.
- Compliance, Risk and Security officers will get audit reports of who accessed which messages.
The Challenge of Maintaining HIPAA Compliance for Kustomer
Customers post sensitive personal information (PII or PHI) on Kustomer CRM (Customer Support Tool). Some of the burning reasons on why your Kustomer account needs to be protected:
- Compliance: Every day, government legislation passes Consumer Privacy laws geared to protect consumer data from malicious entities. California and Illinois have been the latest to introduce these laws, including a Biometric Information Privacy Act. For many organizations, data can be spread across a wide range of systems, which can be challenging to keep up with Privacy law enactments. It is a nightmare for companies to do manual cleanup of those sensitive messages sitting within your employee's Kustomer account as deep inspection is time-consuming and error-prone. At the same time, you need to stay compliant and prevent exfiltration of sensitive data.
- In the first six months of 2019, a reported 3,813 data breaches affected 4.1 billion records, an increase from 2018. Of which, 70% of leaks exposed user emails, while 65% included sensitive information revealing passwords. According to IBM, the average time it takes for an organization to identify a data breach occurred is 206 days, with an organizational cost of $3.92 million.
- Between 2018 and 2020, there was a 47% increase in insider threat incidents. This includes malicious data exfiltration and accidental data loss.
How Strac Provides a Solution for Kustomer's HIPAA Compliance Needs
Strac Kustomer App is a Data Loss Prevention (DLP) software. It masks (aka redacts) sensitive comments and attachments while allowing authorized users to view those Kustomer tickets in Strac UI Vault. A business can configure a list of sensitive data elements (SSN, DoB, DL, Passport, CC#, Debit Card, API Keys, etc.) to redact. Compliance, Risk and Security officers will get audit reports of who accessed which messages.
Please peruse Strac's comprehensive collection of sensitive data elements that are automatically detected and redacted by Strac. For more details, visit this link: https://www.strac.io/blog/strac-catalog-of-sensitive-data-elements.
