Company can now ensure PII is protected according to HIPAA regulations…
  • Headquarters: East Coast State, U.S.
  • Industry: Healthcare insurance provider
  • Products: Healthcare insurance plans
  • Employees: 1,000+
  • 600,000 members
  • Creating cloud-based patient portal while assuring HIPAA compliance
  • Strong encryption and key management for all PII fields
  • Functionality and ease-of-use for integrated web2lead and email systems
  • CipherCloud for Salesforce
  • Applied encryption to 15+ fields within Salesforce
  • Integrated and encrypted email and web2lead systems for 200+ users
  • Experienced significant cost savings by moving to a cloud-based portal platform
  • Reduced internal infrastructure
  • Assured data security and HIPAA compliance for PII

Healthcare Provider Delivers Safe Cloud Portal to Patients

CipherCloud for Salesforce Applies Encryption to Protect PII Data and Comply with HIPAA-HITECH Safety Measures


This leading state insurance provider employs over 1000 employees onsite committed to providing their members with access to affordable, high-quality healthcare. Founded in 1939, the company now operates in 20 US states and the UK, supporting over 600,000 memberships. This particular state’s facility is committed to the health and well being of the residents in their community, with the vision that improving their customers’ health promotes better quality of life as well.

They had plans to create a cloud-based patient portal which would allow them to engage many more users in their state in ways that would be lower their infrastructure costs while providing a fmore convenient method of engagement for their users. The portal would house both structured and unstructured data, including personally identifiable information (PII), so they were challenged to protect it per HIPAA and HITECH compliance regulations. They selected Salesforce for the platform on which to build their new portal.


The healthcare insurance provider needed to tow the fine line between protecting their patient’s PII while also making that data readily available to the proper users. Knowing the HIPAA and HITECH regulations became even stricter in 2013 with the HIPAA-HITECH 2013 Final Omnibus Rule, the company was committed to ensuring the latest levels of protection for their patient data, regardless of its location.

The portal also needed to provide seamless functionality for their users. To cover the bases of security and usability, they needed their security solution to deliver:

  • AES 256-bit encryption of 15+ fields within Salesforce
  • Ability to integrate with web2lead and email systems
  • Seamless user functionality, including search of encrypted fields, for 200+ users

The company selected CipherCloud for Salesforce to provide encryption for their 15+ select Salesforce fields across multiple Salesforce orgs. The solution applies strong AES 256-bit encryption to both structured and unstructured data and they also create and keep their own encryption keys, further increasing their data’s security and compliance.

Moreover, their 200+ users experience Salesforce normally with no change in performance. Search features remain available and intact through searchable strong encryption (SSE), as well as web2lead, email, cloud applications and additional third-party tools through CipherCloud’s open platform support.


The healthcare company was able to reduce significant internal infrastructure costs by placing their patient portal in the cloud. This savings and the new platform were both possible because they were able to encrypt their sensitive PII and protected health information (PHI) data and restrict access to only authorized parties.