Case Study: Greenville Health System

Case Study: Greenville Health System

The Client

Greenville Health System (GHS) is South Carolina’s largest not-for-profit healthcare system, committed to medical excellence through clinical care, education, and research. GHS first opened its doors as City Hospital back in 1912. Over the last one hundred years, the organization has evolved from a single free-standing hospital to a highly integrated delivery system and academic medical center.

The Challenge

With sophisticated cyber-attacks on the rise and healthcare clinicians’ increasing reliance on vulnerable mobile and IoT medical devices, GHS understood the urgency to accelerate its efforts to self-assess cyber risk within its own infrastructure and improve security posture across its partner ecosystem. The organization sought to gain a more comprehensive understanding of current security status, benchmark against competitors, raise visibility and awareness of vulnerabilities, address legacy infrastructure, update patch management processes, and communicate about risk to senior management in actionable business terms.

The Solution

SecurityScorecard enables GHS to discover, assess, monitor, and report on the cyberhealth of its own IT infrastructure via an outside-in view that allows the security team to see what a hacker sees. This increased visibility combined with in-depth analysis of the company’s internal systems and dynamic attack surface ensure that security practitioners remain aware of potential vulnerabilities.

The Results

GHS can now instantly vet the security risk posture of every healthcare provider in its portfolio via comprehensive visibility into all third-party systems that integrate with GHS infrastructure. Security practitioners can quickly minimize and remediate vulnerabilities that expose the health system to attack.

They can now easily prove and maintain compliance with increasingly stringent regulatory standards and guidelines like HIPAA, HITECH, and PCI via SecurityScorecard’s data and mapping capabilities, thereby minimizing the risk of penalties against the organization.

Download

Request a Demo

Thank you for requesting a demo!