Case Study: Phreesia achieves PCI-DSS and HIPAA compliance with EventTracker

Phreesia - Customer Case Study

Phreesia, a New York–based provider of electronic patient intake tablets deployed in thousands of medical offices, needed to satisfy HIPAA and PCI‑DSS Level 1 requirements because its centralized New Jersey data center processes patient records and credit card transactions. To gain centralized auditing, monitoring and reporting capabilities, Phreesia implemented EventTracker’s SIEM and log management solution.

EventTracker centralized log collection and real‑time monitoring across Phreesia’s servers, giving the team quick access to mandated reports, continuous compliance and the centralized auditing they previously lacked. By using EventTracker, Phreesia achieved real‑time alerts and reporting to support PCI and HIPAA obligations and benefited from measurable gains such as faster audits (reducing audit times from weeks to days) and improved visibility into credit‑card and patient‑data processing.

Phreesia

Troy Polan

Director, Information Technology