Case Study: Duke Health Technology Solutions safeguards PHI with Cerberus FTP Server

Safeguarding Protected Health Information with Cerberus FTP Server

Duke Health Technology Solutions, through the Duke University School of Medicine’s OASIS team, needed a secure, HIPAA-compliant way to give students and researchers access to protected patient and treatment data. Their old per-project approach made security reviews, access control, and secure data transfers difficult, especially when handling PHI and EHR data across independent servers.

Cerberus FTP Server was used as a key part of Duke’s Protected Analytics Computing Environment (PACE), supporting secure HTTPS imports, Active Directory-based permissions, and auditing through Event Manager. With Cerberus, Duke could tightly control data exports via time-sensitive download links and maintain HIPAA logging, helping PACE pass a formal HIPAA compliance audit in 2019 and keep service issues low over three years of use.

Duke Health Technology Solutions

James Fayson

IT Service Owner