Case Study: John C. Lincoln Hospital achieves HIPAA-compliant protection of patients' confidential data and centralized device/application control with Heat Software

John C. Lincoln Hospital - Customer Case Study

John C. Lincoln Health Network, a Phoenix-based not-for-profit with two hospitals, 13 physician practices and more than 3,000 staff, faced growing risks from portable devices and unauthorized applications that threatened patient data confidentiality and HIPAA compliance. After a 2003 incident involving the Slammer worm and ongoing problems with thumb drives, modems and other peripherals, IT leadership could not practically enforce a restrictive computer-use policy across roughly 2,000 endpoints at 15 locations.

The organization deployed Lumension’s Sanctuary Device Control in 2005 and Sanctuary Application Control in 2006 to centrally block unauthorized devices, require device-approval forms, apply granular permissions (read/write, scheduled or temporary access), encrypt removable media and log all I/O activity. The solution stopped infected or unauthorized media from connecting, uncovered unknown devices, reduced weekly troubleshooting by about 10 hours, strengthened application control and provided the audit trails and encryption needed to improve compliance and protect patient data.

John C. Lincoln Hospital

Rob Israel

CIO