Case Study: Catholic Health System achieves streamlined, scalable vulnerability management and HIPAA compliance with Qualys

Catholic Health System Delivers Vulnerability Management Cure

Catholic Health, a nonprofit health care system in Buffalo, NY serving Western New York with four hospital campuses, 30 ancillary organizations and roughly 1,000 beds, faced the challenge of securing and maintaining more than 6,000 networked devices across dispersed sites. With tight IT resources, mixed and aging clinical devices, and regulatory requirements such as HIPAA, the organization needed accurate visibility and an efficient way to identify and remediate vulnerabilities.

Catholic Health deployed Qualys Vulnerability Management on the Qualys Cloud Platform, a SaaS solution that required no on‑premises servers and provided real‑time, highly accurate scans and a large vulnerability knowledgebase. Asset tagging and device‑level reporting let the team prioritize and remediate the riskiest systems, saving remediation time, simplifying HIPAA reporting for auditors and executives, and delivering measurable improvements in vulnerability management and regulatory compliance.

Catholic Health System

Michael Arent

IT Security Analyst