Case Study: University of Utah achieves automated, HIPAA-compliant vulnerability management with Qualys (QualysGuard)

University of Utah Writes New Thesis on Risk Management

The University of Utah, a large public research university with a major clinical medical center and roughly 30,000 IP addresses to manage, needed to secure systems and maintain HIPAA compliance. Its prior vulnerability process relied on an inaccurate open-source scanner that frequently crashed systems, couldn’t be automated reliably, and eroded trust between the security team and other IT/business units.

The university deployed QualysGuard’s SaaS vulnerability-management platform to automate discovery, accurate non‑disruptive scanning, centralized reporting, and remediation tracking. The result was a repeatable, transparent program that reduced risk and downtime, sped remediation, improved cooperation across units, and provided the compliance evidence needed to meet HIPAA requirements.

University of Utah

David Feyler

Manager of Information Security Operations