Download PDF
Imperva > Case Studies > Large Healthcare Organization Enhances Patient Data Security with Imperva
Imperva Logo

Large Healthcare Organization Enhances Patient Data Security with Imperva

Technology Category
  • Analytics & Modeling - Machine Learning
  • Cybersecurity & Privacy - Application Security
Applicable Industries
  • Healthcare & Hospitals
  • National Security & Defense
Applicable Functions
  • Procurement
  • Quality Assurance
Use Cases
  • Cybersecurity
  • Tamper Detection
Services
  • Cybersecurity Services
  • System Integration
The Challenge
The healthcare organization, one of the largest nonprofit healthcare systems in the country, was faced with the challenge of protecting vast amounts of patient data. With over 400,000 people in the health system, the organization had to manage a sprawling environment that spanned structured data, unstructured data, and data stored in the cloud. The organization had to balance the clinicians’ needs for on-demand access to patient data against the risk of a data breach. In 2016, the organization embarked on a multiyear project to enhance the protection of patient data across the organization. However, a data security incident early in the project forced the organization to reevaluate its priorities.
About The Customer
The customer is one of the largest nonprofit healthcare systems in the country, employing more than 50,000 people across dozens of hospitals and academic medical centers in six states. The organization is committed to bringing healthcare to patients wherever they are, whether in the clinic, on mobile devices, or telephonically. To deliver on its mission, the organization relies heavily on data, which plays a vital role in improving patient care, from diagnostics to treatment and illness prevention. The organization has a sprawling environment that spans structured data, unstructured data, and data stored in the cloud.
The Solution
In response to the data security incident, the organization shifted its focus to protecting its most critical assets and then systematically expanding coverage to all its databases. The organization partnered with Network Consulting Services, Inc. (NCSi) to develop a cybersecurity strategy and framework for protecting patient data in its many forms and for mitigating data breach risks. Within three months, 20 key database servers were covered by Imperva Data Security while the security team built the architecture to support the full deployment of 15 business-critical applications and over 780 database servers. Under Imperva’s FlexProtect licensing model, the organization only had to purchase licenses for the database servers, allowing the underlying Imperva virtual architecture for the organization’s environment to be designed, built, deployed and tested before the agents were fully deployed.
Operational Impact
  • With the implementation of Imperva Data Security, the healthcare organization has significantly enhanced its data security. The system uses machine learning and behavior analytics to monitor data access and detect threats in real time, providing the security team with the confidence that they are catching the most critical threats and mitigating data breach risks more effectively. The system also provides automated dashboards and reports, simplifying compliance reporting and making it easy for the organization to pull reports on who is accessing a given database for a specified time range. As the organization enters the final phases of the maturity model, the team is aware that their work will be ongoing, adapting to the evolving threat landscape and the constant changes in the health system.
Quantitative Benefit
  • Imperva Data Security distills 45 billion event alerts per day down to 150 critical alerts, enabling easy identification and action on critical threats.
  • The organization avoided millions of dollars in Splunk SIEM license fees due to the reduction in the number of alerts being sent to the SIEM.
  • 20 key database servers were covered by Imperva Data Security within three months.

Related Case Studies.

Contact us

Let's talk!

* Required
* Required
* Required
* Invalid email address
By submitting this form, you agree that IoT ONE may contact you with insights and marketing messaging.
No thanks, I don't want to receive any marketing emails from IoT ONE.
Submit

Thank you for your message!
We will contact you soon.