Case Study: The Midwestern achieves rapid cybersecurity readiness and a NIST-based security roadmap with Optum

how third-party consultants can help providers identify cybersecurity gaps, implement BCDR testing, and apply consistent security controls to help mitigate risks.

The Midwestern, a Midwestern academic Level 1 Trauma Center, faced a tight 18‑month deadline to develop its own security program after a divestiture and found itself with siloed departments, limited visibility, and missing timely security information from its former parent. Optum was engaged to perform a rapid assessment of the center’s capabilities and readiness, using consulting services grounded in the NIST Cybersecurity Framework and Business Continuity/Disaster Recovery (BCDR) evaluation.

Optum’s consulting team completed the readiness assessment in under a month, identified blind spots, and recommended adoption of the NIST CSF, creation of a BCDR program, IT security inventory, BCDR testing, and consistent controls across platforms. The client immediately implemented Optum’s quick wins and folded additional recommendations into a 3–5 year IT security roadmap, improving program visibility, reducing information security risk, and positioning The Midwestern for greater compliance and long‑term resilience.

The Midwestern