Case Study: a healthcare testing company identifies file ownership and improves DLP compliance with Stealthbits

Identifying Data Ownership Where There Once was None

A leading healthcare testing company, which handles sensitive medical records and is subject to customer audits, faced a significant challenge. Its Data Loss Prevention (DLP) system identified tens of thousands of files containing sensitive data that had no clear owner, as they were created by service or administrator accounts with no associated email. This gap prevented the company from completing its attestation process for its Governance, Risk, and Compliance (GRC) software. They engaged STEALTHbits to address this problem.

The STEALTHbits Professional Services team built a solution that integrated its software, the DLP product, and the GRC platform. Using its StealthAUDIT product, STEALTHbits analyzed file data to calculate effective access and identify probable human owners for the orphaned files. This data was then used to update the files' metadata. The solution successfully provided ownership attribution for tens of thousands of files, enabling the full certification process and greatly satisfying the customer.