Case Study: Central London Community Healthcare NHS Trust

NHS Trust uses Egress to share sensitive information securely and to remain compliant with UK data protection legislation.

Case Study

NHS trust uses Egress to share sensitive information securely and to remain compliant with UK data protection legislation

Central London Community Healthcare NHS TrustThe Central London Community Healthcare NHS Trust reflects on their selection of Government certified and award-winning technology to protect sensitive patient information.

Offering healthcare services at over 160 sites throughout the London boroughs of Barnet, Hammersmith and Fulham, Kensington and Chelsea, and Westminster, CLCH employs more than 3,000 staff and supports almost one million patients. Providing a range of community and in-patient services, including rehabilitation, palliative care, and NHS walk-in and urgent care centres, as well as offering comprehensive care and support in patient homes, CLCH needed a solution that would enable their diverse workforce to communicate very sensitive patient information securely.

“We selected Email and File Protection for two main reasons. Firstly, being a UK-based company, Egress makes it easy to comply with the DPA. Secondly, Email and File Protection is certified by CESG, the communications security arm of the UK Government, which makes usage of Egress technology very secure.”

Marek Zakrzewski, Information Security Manager, Central London Community Healthcare NHS Trust

The challenge

Marek Zakrzewski, Information Security Manager at CLCH, explains: “The NHS in general is increasingly communicating with local councils and other healthcare providers, as well as with the patients themselves – and with many different clinics spread across Central London, CLCH is no exception. We consequently needed a way to communicate personal identifiable data securely, including to recipients outside of the NHS network, in order to remain compliant with the Data Protection Act (DPA) and other UK legislation.

The solution

The UK’s first, and currently only, CESG CPA Foundation Grade certified email encryption product, Egress Email and File Protection helps both public and private sector customers to share IL2 and low-threat IL3 data (OFFICIAL and OFFICIAL SENSITIVE under the new Government Classification Policy) over the internet, without the need to manage external third party credentials.

“We were also looking for a system that is very easy to use,” continues Zakrzewski. “The NHS workforce is busy treating patients and we didn’t want to introduce another new technology that would create a distraction for them. However, users were surprised by how easy Email and File Protection is to use. Effectively, they only need to mark emails as private, personal or confidential, and the policy and governance is taken care of in the background.

“Email and File Protection has proven very valuable to us and we are consequently looking to expand our usage of the Egress platform. We are currently examining our capability to transfer very large files in and out of the trust, so we can leverage Egress technology using Email and File Protection instead of using a secure file transfer protocol. In addition, we can also make use of the Egress Secure Web Form, which would allow patients to send their own data to us securely, even if they don’t understand how this is done.”

Commenting on the announcement, Egress UK Sales Director Kelly McCann stated: “CLCH are an excellent example of an NHS organisation recognising the need for encryption services when communicating sensitive patient information between staff members and with third parties, such as local authorities and other health and social care providers, and proactively taking steps to remain compliant with data protection laws and legislation. Using Email and File Protection, CLCH can ensure they are protected from the data losses and breaches that can put patients at risk and incur large penalty fines. We look forward to working closely with CLCH to provide an integrated approach to secure communication, whether by email, file transfer or web form.”

“We were also looking for a system that is very easy to use,” continues Zakrzewski. “The NHS workforce is busy treating patients and we didn’t want to introduce another new technology that would create a distraction for them. However, users were surprised by how easy Email and File Protection is to use.”

Marek Zakrzewski, Information Security Manager, Central London Community Healthcare NHS Trust

About Egress Software Technologies

Egress Software Technologies is the leading provider of privacy and risk management services designed to manage and protect unstructured data.

Offering Government and Enterprise customers a portfolio of complementary services, the Egress platform leverages machine learning led policy management, encryption and eDiscovery to enable end-users to share and collaborate securely, while reducing the risk of loss and maintaining compliance. These award-winning integrated services include email and document classification, accidental send prevention, secure email and file transfer, secure managed file transfer, secure online collaboration and secure archive.

Certified by Government, Egress offers a seamless user experience, powerful real-time auditing and patented information rights management, all accessible using a single global identity.