Case Study: The University of Chicago Medical Center achieves centralized, automated vulnerability and HIPAA‑compliant reporting with Qualys

Diagnosing Risk - Customer Case Study

The University of Chicago Medical Center, a large nonprofit health system with four campus care centers, manages thousands of servers and roughly 11,000 networked devices and must protect sensitive patient data to meet HIPAA and PCI requirements. UCMC struggled with fragmented, manual vulnerability assessments and multiple tools that lacked centralized workflow and clear, audience‑specific reporting for security teams, operations, and executives.

UCMC deployed the QualysGuard Security and Compliance Suite (SaaS) to consolidate discovery, vulnerability assessment, policy compliance, and remediation tracking in one platform. Within three months they established continuous vulnerability management, automated remediation ticketing and verification, improved targeted reporting for technical and business audiences, sped up threat response, and strengthened overall security and HIPAA compliance.

The University of Chicago Medical Center

Plamen Martinov

Lead Security Engineer