Case Study: HealthEast achieves stronger defenses against internal and external security threats with NetSPI

NetSPI Helps HealthEast Counter Security Threats from Inside and Outside

HealthEast, the largest locally owned healthcare organization in the Twin Cities’ East Metro area with 6,700 employees and 1,400 physicians, faced the dual challenge of securing patient data and payment card information while balancing a care-first culture. To better understand internal and external threats and vulnerabilities in applications, systems, and technologies—and to meet HIPAA and PCI requirements—HealthEast engaged NetSPI for focused security support.

NetSPI conducted risk analysis and a suite of assessments (external, internal, physical security, PCI compliance readiness, and application security), validated real exploitability of findings (for example exposing residual-data risks in a radiology imaging application), and recommended increasing external PCI assessments from two to four times per year. As a result, HealthEast gained repeatable, structured testing processes, clearer remediation guidance, and stronger validation of fixes—outcomes NetSPI’s team and reports consistently demonstrated to improve the organization’s security and compliance posture.

HealthEast

Kristi Reese

Senior Security Analyst, Information Technology