Case Study: Large Enterprise Healthcare Company achieves rapid HIPAA compliance and secures 25,000+ users and 60,000 devices with Duo Security

Large Enterprise Healthcare Company - Customer Case Study

One of the largest healthcare systems in the U.S.—covering 17 hospitals, dozens of clinics and affiliates and serving over half a million patients annually—needed to enable 6,000+ clinicians to access patient data anytime, anywhere and on any device while meeting the HIPAA Omnibus Rule. Faced with rising cyberattacks, widespread BYOD use and the risk of large OCR fines, the CISO sought a fast, non‑invasive solution that enforced consistent security policies without disrupting clinical workflows.

The organization deployed Duo Beyond for multi‑factor authentication and unified endpoint visibility, rolling out MFA to 25,000+ users in weeks and securing more than 20,000 users and 60,000 devices. Duo uncovered ~30,000 previously unknown personal devices, enforced passcode/encryption policies, blocked non‑compliant access, reduced MDM spend by about 90%, consolidated projects, improved auditability for HIPAA compliance, and won clinician adoption thanks to simple Duo Push and flexible authentication methods.