Download PDF
Health and Social Services Organization Uses Arctic Wolf to Keep Patient Records Safe
Technology Category
- Cybersecurity & Privacy - Endpoint Security
- Cybersecurity & Privacy - Network Security
- Cybersecurity & Privacy - Security Compliance
Applicable Industries
- Healthcare & Hospitals
- Professional Service
Applicable Functions
- Business Operation
- Quality Assurance
Use Cases
- Cybersecurity
- Intrusion Detection Systems
- Regulatory Compliance Monitoring
- Remote Asset Management
Services
- Cloud Planning, Design & Implementation Services
- Cybersecurity Services
- System Integration
The Challenge
The health and social services organization faced several challenges, including ensuring robust HIPAA compliance, executing a comprehensive security strategy in a complex IT environment with limited staff, and demonstrating that PII and ePHI are protected. The organization had a modest IT staff tasked with managing a complex IT environment, which meant its engineers had to assume several roles and had little time for hunting down security alerts generated by point security products deployed in the organization’s IT infrastructure. Cybersecurity was not their forte, but the need to secure patient and client data became increasingly important with the rise of newer threats such as WannaCry ransomware. Recognizing the gap in their expertise, the team weighed adding a managed security service provider (MSSP) solution, such as FireEye, against managing it in-house with Splunk Enterprise Security for security information and event management (SIEM). Their analysis showed they could not feasibly get all the services they needed from a traditional MSSP or an in-house SIEM without significantly increasing their budget and staffing.
About The Customer
One of the nation’s oldest health and social services organizations has served children and adults with intellectual and developmental disabilities for more than 100 years. Throughout its history, the organization has pioneered new service models and developed new programs to meet the changing needs of people with disabilities and help them reach their full potential. This non-profit organization has partnered with local governments and communities to provide services across multiple states. In the course of its business, the organization stores and transfers a good deal of confidential data related to patients and others. That’s why it deployed Arctic Wolf’s SOC-as-a-service to protect electronic patient health information (ePHI) and sensitive personal identifiable information (PII) across multiple service facilities.
The Solution
Arctic Wolf’s AWN CyberSOC™ service met the organization's needs by providing a dedicated Concierge Security™ team (CST) that works as an extension of their IT team. The Arctic Wolf CST is their singular point of contact, monitoring their network and directing response to all threats. With years of security experience to draw from, the organization relies heavily on the CST’s expertise in handling its security-related matters and ensuring its data stays safe. The AWN CyberSOC service ingests thousands of daily alerts from the organization’s wide range of security products and highlights only those few that require some sort of remediation. The service combines machine intelligence to correlate incoming alerts with network flow data, behavioral analytics and threat feed subscriptions, and a dedicated CST to perform validation and triage. Additionally, the AWN CyberSOC includes unlimited log collection, so daily triage and forensics are performed across the entire network. The organization’s IT team was impressed by the AWN CyberSOC service and Arctic Wolf’s DNA, especially for the following reasons: a dedicated AWN Concierge Security team that acts as an extension of the organization’s IT staff, and is always available as a trusted security advisor; a predictable, fixed monthly service cost for continuous network monitoring with expertise for threat detection and response, which was far more cost-effective than deploying a SIEM; Arctic Wolf is an engineering-driven company that continually invests in its cloud-based SOC-as-a-service platform to meet customer demands.
Operational Impact
Quantitative Benefit
Related Case Studies.
Case Study
Hospital Inventory Management
The hospital supply chain team is responsible for ensuring that the right medical supplies are readily available to clinicians when and where needed, and to do so in the most efficient manner possible. However, many of the systems and processes in use at the cancer center for supply chain management were not best suited to support these goals. Barcoding technology, a commonly used method for inventory management of medical supplies, is labor intensive, time consuming, does not provide real-time visibility into inventory levels and can be prone to error. Consequently, the lack of accurate and real-time visibility into inventory levels across multiple supply rooms in multiple hospital facilities creates additional inefficiency in the system causing over-ordering, hoarding, and wasted supplies. Other sources of waste and cost were also identified as candidates for improvement. Existing systems and processes did not provide adequate security for high-cost inventory within the hospital, which was another driver of cost. A lack of visibility into expiration dates for supplies resulted in supplies being wasted due to past expiry dates. Storage of supplies was also a key consideration given the location of the cancer center’s facilities in a dense urban setting, where space is always at a premium. In order to address the challenges outlined above, the hospital sought a solution that would provide real-time inventory information with high levels of accuracy, reduce the level of manual effort required and enable data driven decision making to ensure that the right supplies were readily available to clinicians in the right location at the right time.
Case Study
Gas Pipeline Monitoring System for Hospitals
This system integrator focuses on providing centralized gas pipeline monitoring systems for hospitals. The service they provide makes it possible for hospitals to reduce both maintenance and labor costs. Since hospitals may not have an existing network suitable for this type of system, GPRS communication provides an easy and ready-to-use solution for remote, distributed monitoring systems System Requirements - GPRS communication - Seamless connection with SCADA software - Simple, front-end control capability - Expandable I/O channels - Combine AI, DI, and DO channels
Case Study
Driving Digital Transformations for Vitro Diagnostic Medical Devices
Diagnostic devices play a vital role in helping to improve healthcare delivery. In fact, an estimated 60 percent of the world’s medical decisions are made with support from in vitrodiagnostics (IVD) solutions, such as those provided by Roche Diagnostics, an industry leader. As the demand for medical diagnostic services grows rapidly in hospitals and clinics across China, so does the market for IVD solutions. In addition, the typically high cost of these diagnostic devices means that comprehensive post-sales services are needed. Wanteed to improve three portions of thr IVD:1. Remotely monitor and manage IVD devices as fixed assets.2. Optimizing device availability with predictive maintenance.3. Recommending the best IVD solution for a customer’s needs.
Case Study
HaemoCloud Global Blood Management System
1) Deliver a connected digital product system to protect and increase the differentiated value of Haemonetics blood and plasma solutions. 2) Improve patient outcomes by increasing the efficiency of blood supply flows. 3) Navigate and satisfy a complex web of global regulatory compliance requirements. 4) Reduce costly and labor-intensive maintenance procedures.
Case Study
Harnessing real-time data to give a holistic picture of patient health
Every day, vast quantities of data are collected about patients as they pass through health service organizations—from operational data such as treatment history and medications to physiological data captured by medical devices. The insights hidden within this treasure trove of data can be used to support more personalized treatments, more accurate diagnosis and more advanced preparative care. But since the information is generated faster than most organizations can consume it, unlocking the power of this big data can be a struggle. This type of predictive approach not only improves patient care—it also helps to reduce costs, because in the healthcare industry, prevention is almost always more cost-effective than treatment. However, collecting, analyzing and presenting these data-streams in a way that clinicians can easily understand can pose a significant technical challenge.