1. Strengthen DLP System Visibility
DLP technology only works when it can see the data it needs to protect. In an ideal environment, this means combining endpoint DLP agents with network-based DLP sensors and cloud-focused DLP enforcement points. The greater visibility that DLP has into your enterprise IT environment, the more likely it will be to spot and stop a potential leak.
2. Define Permissions and Set Access Controls
The principle of least privilege is a pillar of information security for a good reason: It works. Individuals with access to sensitive patient records should only have permission to access the records they need to carry out their job functions. Billing clerks probably don’t need access to patient lab results. Physicians don’t need to see a patient’s payment history. Lock down records to limit access and you’ll reduce the impact of a potential breach.
3. Deploy a Cross-Platform Solution
Providers and administrators now work from anywhere, and that means that your organization’s data lives in many different locations. Make sure that your DLP technology supports all of the company-owned and personal laptops, desktops, tablets and mobile devices that process your business data.
4. Enhance Organization-Wide User Education
Use DLP as an educational opportunity. Many security incidents are the result of user error rather than intentionally malicious actions. Create automated educational opportunities that follow any event that triggers your DLP system. For example, if a user is blocked from sending an unencrypted email containing Social Security numbers, follow up with an email or short video course explaining what happened in more detail and helping the user understand how to get their work done securely.