Healthcare Organizations Across America Comply with HIPAA Regulations and Eliminate Spam and Viruses with Proofpoint

Proofpoint's Regulatory Compliance and Secure Messaging Modules Protect the Confidentiality and Security of Patient Personal Health Information; Proofpoint Introduces Special Pricing for Small and Medium-sized Healthcare Organizations

(PRNewswire) November 28, 2005 -- Proofpoint, Inc., the leader in large-enterprise messaging security solutions, today announced that healthcare organizations across America are rapidly adopting the Proofpoint Messaging Security Gateway(TM) appliance and Proofpoint Protection Server® software to comply with HIPAA regulations governing protected health information (PHI), as well as to eliminate spam and viruses from their networks. Hospitals and healthcare organizations that have adopted Proofpoint include DeKalb Medical Center, Kaiser Permanente, South Nassau Communities Hospital, Pella Regional Health Center, Lakeland Regional Medical Center, Columbus Regional Healthcare System, Jamestown Hospital and University of Texas Medical Branch (UTMB). Proofpoint also announced a packaged healthcare privacy protection solution offered at a discounted price to healthcare organizations with fewer than 500 employees.

HIPAA regulations specify that hospitals and health care companies must take steps to protect patient PHI. Since patient information can be intentionally or accidentally disseminated via email, organizations need to ensure that PHI does not leak out of the enterprise through the email stream. The Proofpoint Regulatory Compliance(TM) module ensures that outbound messages comply with HIPAA by using pre-defined dictionaries and "smart identifiers" that automatically scan for a wide variety of non-public information. Once the module identifies a message that violates HIPAA policies, it can automatically apply disposition policies to that message. For example, an email may be quarantined for review by an administrator. Alternatively, a message destined for an approved business partner may be automatically encrypted before transmission.

Customers are able to encrypt their emails using the Proofpoint Secure Messaging(TM) module, which is powered by Voltage IBE(TM) technology from Voltage Security. Proofpoint's secure messaging solution automatically and dynamically applies encryption or decryption based on an organization's policies, right at the gateway. As a result, end users don't need to take any special actions to take advantage of encryption features and compliance and content security policies are consistently and accurately applied on an as- needed basis.

"Proofpoint accurately identifies any email that contains PHI, including social security numbers and procedure names, and automatically takes the appropriate action, holding those messages for further review or ensuring they are securely encrypted before allowing them to leave our network," said Connor Brosnahan, manager of network systems for South Nassau Communities Hospital. "Without Proofpoint, we'd have to find some other way to ensure our email is HIPAA-compliant, which could include manually reading thousands of personal email messages. That would not only waste IT resources, but would also compromise our employees' privacy - something we weren't willing to do."

Healthcare customers are also able to deploy the Proofpoint Digital Asset Security(TM) module to prevent patient records and other confidential information from leaking out via email. Proofpoint's MLX(TM) machine learning technology analyzes and classifies confidential documents, and monitors the outbound email stream so that they don't leave the organization.

In addition to identifying outbound email violations, the Proofpoint Messaging Security Gateway and Proofpoint Protection Server scan inbound email streams and stop dangerous viruses and unsolicited spam from reaching users. Proofpoint MLX(TM) machine learning technology examines more than 200,000 attributes in every email to block spam with the highest accuracy in the industry.

"Proofpoint works so well for DeKalb Medical Center because it provides complete security for both our inbound and outbound email," said Sharon Finney, information security administrator for DeKalb Medical Center. "Proofpoint not only helps us prevent PHI from leaving our network unencrypted, but it also prevents spam and viruses from entering the network. This ensures our patients' privacy while also keeping employee inboxes free of unsolicited email, phishing attacks and dangerous malicious code."

"The Proofpoint Messaging Security Gateway and Proofpoint Protection Server provide organizations with great flexibility in solving a wide variety of messaging security issues," said Gary Steele, CEO of Proofpoint. "Healthcare companies in particular need to be concerned with protecting patient records and other confidential information. Proofpoint allows these organizations to secure the outbound email stream, while protecting their own employees from inbound threats, such as spam and viruses."

To download complete case studies about South Nassau Communities Hospital and other leading organizations that have deployed Proofpoint's messaging security solutions, please visit Proofpoint's online Resource Center at: http://www.proofpoint.com/resources .

Special Pricing for Small- and Medium-Sized Healthcare Organizations

Through December 31, 2005 Proofpoint is offering discounted pricing to small- and medium-sized healthcare organizations (with 500 or fewer employees) on Proofpoint's packaged solution for protecting healthcare privacy. The Healthcare Privacy Bundle is an ideal solution for smaller healthcare organizations that seek an easy and affordable way to ensure the security of patient information.

The Healthcare Privacy Bundle, priced at $52,000, includes a three-year subscription to the Proofpoint Regulatory Compliance, Proofpoint Content Compliance and Proofpoint Secure Messaging modules, all required Proofpoint Messaging Security Gateway appliances, Proofpoint Gold level support and basic installation services.

For more information on this limited-time offer, please visit http://www.proofpoint.com/hpb or call 1-408-517-4710.

About Proofpoint, Inc.

Proofpoint provides messaging security solutions for large enterprises to stop spam, protect against email viruses, ensure compliance with corporate policies and regulations and defend against leaks of confidential and proprietary information via email and other network protocols. The company's flagship products, the Proofpoint Messaging Security Gateway(TM) and Proofpoint Protection Server® provide future-proof messaging security using Proofpoint MLX(TM) technology, an advanced machine learning system developed by Proofpoint scientists and engineers. Proofpoint was founded by technology visionary and former CTO of Netscape Communications, Eric Hahn. The Cupertino, California-based company is funded by investors including Benchmark Capital, Inventures Group, Meritech Capital, Mohr, Davidow Ventures, and RRE Ventures. For more information, please visit http://www.proofpoint.com .

NOTE: Proofpoint, Proofpoint MLX, Proofpoint Protection Server, Proofpoint Messaging Security Gateway, Proofpoint Spam Detection, Proofpoint Virus Protection, Proofpoint Content Compliance, Proofpoint Digital Asset Security, Proofpoint Regulatory Compliance and Proofpoint Secure Messaging are trademarks or registered trademarks of Proofpoint Inc. All other trademarks contained herein are the property of their respective owners.