Case Study: Ensemble Health Partners safeguards patient and provider data with Abnormal AI

Ensemble Health Partners Safeguards Patient and Provider Data with Abnormal

Ensemble Health Partners, an end-to-end revenue cycle management firm serving mid-to-large hospitals, faced a surge of targeted credential phishing and business email compromise that bypassed Microsoft Defender and their secure email gateway. To better protect patient and provider data and reduce workload on its 22-person security team, Ensemble deployed Abnormal AI solutions — including Inbound Email Security, Account Takeover Protection, and Email Productivity — as an additional, behavior-focused layer of defense.

Abnormal AI used human-behavior and NLP-based detection plus AI-driven automation and API integrations (e.g., with CrowdStrike) to detect subtle credential-harvesting attacks, remediate compromises at scale, and give analysts clearer attack insights. The deployment protects 28,000+ mailboxes, helped eliminate 1,438 employee hours of graymail review in 30 days, addressed that 93% of attacks being sophisticated credential phishing, and supports protection across $34B in net patient revenue.

Ensemble Health Partners

David Anderson

Chief Information Security Officer and VP