Palo Alto, Calif., January 19, 2022 – Kiteworks, the leading platform for ensuring regulatory compliance and effectively managing risk with every send, share, receive, and save of sensitive content, announced today that customers can use Kiteworks for uploading, sharing, and storing vaccine-related protected health information (PHI) for employees, contractors, visitors, students, and educators. In doing so, Kiteworks enables organizations to protect sensitive PHI and comply with the Health Insurance Portability and Accountability Act (HIPAA) and other privacy regulations.
“Kiteworks provides an automated, comprehensive PHI content-sharing process that makes it easy for employees, contractors, students, educators, and others to upload vaccine mandate-related content,” said Bob Ertl, Senior Director of Enterprise Solutions at Kiteworks. “It also provides a detailed audit trail that organizations can use to demonstrate compliance with both vaccine mandates and HIPAA.”
Vaccine Mandates in the Public and Private Sectors
The earliest U.S. federal mandates, announced by the White House in July 2021, required vaccination or weekly testing for civilian employees of the federal government and on-site federal contractors. In August 2021, Defense Secretary Lloyd Austin announced that coronavirus shots would be added to the Pentagon’s required immunization list upon full approval of a vaccine by the Food and Drug Administration (FDA).
While some broader federal mandates have seen recent setbacks, many vaccine requirements in the U.S. are being voluntarily initiated within individual businesses. More than half (57%) of U.S. employers have, or plan to issue, vaccine mandates for employees. Many New York City-based companies, including Goldman Sachs, Morgan Stanley, and Citigroup, already require vaccines for anyone coming into the office. In some locations, participation may be required by state or local regulations. For example, government employees in 19 states are currently required to be vaccinated.
Ensuring Effective Governance, Risk Management, and Compliance
Organizations must be able to demonstrate that they have the right controls in place by implementing content access and functional rules matched to risk profiles and user roles. Without such controls, there is a risk of accidental exposure of employee records to peers due to missing access controls, or unencrypted attachments sent through email due to a lack of encryption policies.
Organizations also need to track PHI by logging every action. Detailed tracking ensures comprehensive visibility, which becomes particularly important for auditing and reporting processes to demonstrate compliance.
Kiteworks Simplifies Vaccine Mandate Management
As vaccine mandates have just begun rolling out, many organizations have not had sufficient time to plan and execute a data management program that anticipates the complexities of governance and compliance risks.
Key capabilities of the Kiteworks platform include:
- Unify. Kiteworks provides a centralized system that standardizes multiple content audit trails and unifies secure content communication channels. Employees, contractors, and others can transmit required COVID-19 vaccine and/or testing documentation via mobile devices, web interfaces, or even email attachments.
- Track. Kiteworks tracks the activity of each COVID-19 vaccination and testing record by logging every action—downloads, uploads, views, sends, and permission changes.
- Control. Kiteworks lets organizations set policies according to role rather than manually configuring each user, which reduces administrative time and ultimately reduces the risk of human error, while making compliance documentation easier.
- Secure. Kiteworks uses a layered defense model to protect sensitive content regardless of the source, and whether it is at rest or in motion. Data is automatically encrypted with every send, upload, download, and save.
- Webinar: How To Protect PHI and Comply With HIPAA While Meeting Employee Vaccine Mandates
- Guide: A Guide on Employee Vaccine Mandates While Complying With HIPAA
- Blog Post: Employee Vaccination Mandates Accentuate the Need for HIPAA-compliant File Transfer for HR Professionals
Kiteworks’ mission is to empower organizations to effectively manage risk in every send, share, receive, and save of sensitive content. To this end, we created a platform that delivers content governance, compliance, and protection to customers. The platform unifies, tracks, controls, and secures sensitive content moving within, into, and out of their organization, significantly improving risk management and ensuring regulatory compliance on all sensitive content communications.
The Accellion enterprise content firewall prevents data breaches and compliance violations from sensitive third party communications. With Accellion, CIOs and CISOs gain complete visibility, compliance and control over IP, PII, PHI, and other sensitive content across all third-party communication channels, providing secure email, secure file sharing, secure mobile file sharing, enterprise app and Microsoft Office plugins, secure web forms, secure file transfer like SFTP, and enterprise workflow automation. Accellion has protected more than 25 million end users at more than 3,000 global corporations and government agencies, including NYC Health + Hospitals; KPMG; Kaiser Permanente; National Park Service; Tyler Technologies; and the National Institute for Standards and Technology (NIST). For more information please visit www.accellion.com or call (650) 485-4300. Follow Accellion on: LinkedIn, Twitter, and Accellion’s Blog.