/NYCHH%20Logo%20Case%20Study.webp?width=701&height=335&name=NYCHH%20Logo%20Case%20Study.webp)
By encrypting sensitive patient content stored and shared via Google Drive, NYCHHC can securely collaborate between internal departments and external city agencies that require access to protected health data all while complying with HIPAA and other regulatory standards.
VVoC
Case Study
NYC Health + Hospitals, the largest municipal health system in the U.S., is committed to delivering top-quality health care to all New Yorkers, irrespective of immigration status or financial ability, with compassion and respect. Their team of 45,000 health care professionals offers culturally sensitive care to over one million patients annually in over 70 patient care facilities throughout New York City's five boroughs.
With over 60,000 employees total, NYCHHC handles extremely sensitive protected health information (PHI) and personally identifiable information (PII) on a massive scale.
NYCHHC recently began a project to provide 20,000 employees with Google Workspace licenses to improve collaboration and productivity. However, sharing sensitive patient information externally on Google Drive posed compliance risks.
The team urgently needed a way to encrypt confidential documents without blocking access or productivity. After evaluating options, they selected Virtru's Google Drive encryption to provide persistent, granular protection for files containing PHI/PII.
Big picture - NYCHHC aims to leverage Virtru's encryption capabilities to improve compliance and progress towards a zero trust security model. By encrypting sensitive patient content stored and shared via Google Drive, NYCHHC can securely collaborate between internal departments and external city agencies that require access to protected health data all while complying with HIPAA and other regulatory standards. Previously, NYCHHC blocked all external Google Drive sharing due to security and compliance concerns.
With Virtru providing persistent encryption integrated with Google Workspace, authorized staff can now securely share files externally with other organizations involved in patient care and billing, while maintaining full access controls, audit logs, and data protection aligned to healthcare compliance regulations. Virtru's file encryption solution enables NYCHHC to take advantage of Google Drive's collaboration benefits while securing both internal and external file sharing.
While the ultimate goal is to shift to 100% Google Workspace, NYCHHC isn’t there yet. Many staffers also currently rely on Microsoft Outlook and Exchange for email. To protect PHI and PII shared over email, NYCHHC also deployed Virtru's Outlook Email Encryption solution.
With Virtru protecting both email and files, employees can securely collaborate across platforms while giving the security team a centralized plane for policy control.
As NYCHHC plans for a potential full Google Workspace email migration in the future, Virtru will continue to provide the team with platform-agnostic protection.
Virtru's agentless architecture means little to no infrastructure changes are required to maintain protection during or after a migration. With NYCHHC leading by example, Virtru is enabling more public-sector agencies to realize the productivity benefits of cloud collaboration platforms without compromising on security or compliance.
/Gmail%20Confidential%20Mode.webp)
