Protecting Sensitive Data in Medical Institutions: How the Regional Center for Blood Donation & Hemotherapy in Warsaw Utilizes Safetica

The Regional Center for Blood Donation and Hemotherapy (Regionalne Centrum Krwiodawstwa i Krwiolecznictwa or RCKiK) in Warsaw is comprised of 10 territorial branches and 5 ambulances that facilitate mobile blood collection, and supply more than 150 liters of blood and blood components to more than 100 hospitals every day. Other customers include clinics and institutes that perform thousands of complex operations, transplants, transfusions and other procedures for which blood or its components are required.

As a medical institution, the RCKiK in Warsaw processes a huge amount of sensitive data containing information about the health of its donors. Until recently, most of the data was processed through paper records, but with technological developments, the digitization of data has become the norm. This switch has introduced a new threat of cyber-attacks and sensitive data leaks through accidental or intentional sharing. This has posed new challenges for the RCKiK.

The security of donor and patient data is a priority for us. That's why we decided to introduce another technological solution that will ensure comprehensive protection, compliance with regulations and further increase the effectiveness of IT systems securing our facility,

says Karol Pszkit,
Head of the IT Section at the Regional Center for Blood Donation and Hemotherapy in Warsaw. 

Medical identity theft occurs when someone uses identifying information related to another person's health without that person's knowledge. This can include his or her personal information, home address, registration number and medical records. Unauthorized individuals can use this information to purchase drugs, access reimbursed medical services or file false insurance claims, among other things. Additionally, stolen donor data can be used for other identity fraud.

With more than 300 employees, it's difficult for us to monitor whether each of them is following procedures correctly. Safetica does this for us, so we know how our center's processing is going. An additional advantage of the software is that it also performs an educational function in the organization, informing employees whether certain actions on files are appropriate – this is an additional element of protection against accidental data leakage,

explains Karol Pszkit of the RCKiK in Warsaw.  

Safetica's well-configured rules enable the software to detect when sensitive data is about to be mistakenly transmitted, and promptly notifies the employee with a warning message about the potential risk of their action. If the user has the authorization to perform such operations, he or she is allowed to complete the task after giving the necessary explanation to network administrators. Thanks to the fact that Safetica DLP allows continuous monitoring of activities on data, the resources of the Regional Center for Blood Donation and Hemotherapy in Warsaw are even better protected, and employees are aware that the correct way of doing things contributes in a practical way to maintaining the required level of data security for employers, patients and blood donors.

Before implementing the Safetica solution, we received a test version along with training on how to use the management console. The implementation itself went quickly and smoothly. An additional advantage is the exemplary technical support from certified engineers. If we have any questions, we seamlessly receive comprehensive and express assistance,

concludes Karol Pszkit.