Case Study: Hartmann achieves GDPR compliance, protects PHI, and boosts staff efficiency with Kiteworks

Hartmann Protects PHI in Motion and at Rest with a Content Firewall

Hartmann, a 200‑year‑old German healthcare company serving wound treatment, incontinence care, and infection prevention, needed to securely share intellectual property and protected health information (PHI) with partners and patients while meeting GDPR and NIST CSF requirements. Challenges included encrypting data in motion, at rest, and in use, enabling view‑only sharing for third parties, and meeting global data‑sovereignty rules.

Hartmann deployed Kiteworks on a private cloud—using secure email, file transfer, automated transfer, file sharing, APIs and a Salesforce plugin—to enforce policies, control access, and keep encryption keys under customer control. The result was GDPR/NIST compliance, comprehensive visibility into sensitive content activity, secure view‑only sharing and automated secure email templates, faster staff adoption, reduced Salesforce costs, and improved protection of PHI with plans to expand usage company‑wide.

HARTMANN

Michael Williams

Senior Manager of Cybersecurity Management