Case Study: St. Charles Health System achieves HIPAA/EDI compliance and full patient-data protection with Fortra's Digital Guardian

St. Charles Healthcare System - Enabling Care Providers While Protecting Patient Data

St. Charles Health System, a Central Oregon network of three hospitals and about 20 clinics with 3,000 caregivers, needed to ensure HIPAA/EDI compliance and locate and protect widely distributed PHI, PII and PCI data. A baseline risk assessment revealed poor user awareness, misconfigured vendor FTP channels that sent data over the Internet, and business associates emailing unencrypted patient data—creating urgent exposure and regulatory risk.

Fortra’s Digital Guardian appliance was deployed in monitor-only mode for rapid discovery and analysis, quickly identifying the unsafe channels and integrating with EHR systems to classify sensitive data. SCHS then implemented the full Digital Guardian compliance solution for ongoing monitoring, blocking and discovery, gaining real-time visibility into data movement, enforcing policies without adding IT headcount, remediating issues quickly and achieving HIPAA/EDI compliance.

St. Charles Health System

Steve Scott

Infosec Manager