Case Study: Mount Sinai achieves stronger web application security and patient data protection with Barracuda Networks

Healthcare System Strengthens Web Application Security to Ensure Protection of Patient Data

Mount Sinai, one of the largest private U.S. health systems with seven hospitals and the Icahn School of Medicine, built an App Lab and multiple mobile apps to collect real-time patient data and improve care. As they expanded into a hybrid Azure environment, the health system needed to secure protected health information (PHI) and meet HIPAA/HITECH requirements, but legacy security tools and a small InfoSec team left web applications vulnerable and prior WAF efforts incomplete.

Mount Sinai implemented Barracuda CloudGen WAF for Azure via the Microsoft Azure Marketplace, deploying in hours with engineering support. The WAF closed security gaps, protected against coding vulnerabilities, secured encrypted traffic, and logged blocked attacks without impacting app performance—helping ensure compliance, protect patient data as app use grew, and even unlocking additional grant funding for further App Lab innovation.

Mount Sinai

Ashish Atreja

Chief Technology, Innovation, and Engagement Officer