Case Study: Managed Care Systems Inc. (MCSI) achieves validated role-based access controls and actionable remediation with Rapid7 penetration testing

Managed Care Systems Inc. Leverages Rapid7 Pen Testing to Evaluate User Roles and Privileges

Managed Care Systems Inc. (MCSI) is a 15‑person healthcare software firm that for more than 20 years has delivered Visova, an automated claims-processing and benefits-management platform used by large claims handlers. With external “provider” and “patient” users accessing the web front end, CIO Scott Vanderluit needed to validate that back-end, role‑based access controls prevented privilege escalation and to obtain independent, HIPAA‑acceptable assurance for clients and regulators.

Rapid7 performed a focused penetration test, helping define scope, providing clear daily communications, and testing access controls in production without outages. The engagement produced a highly actionable report that MCSI turned directly into remediation tickets to quickly resolve application-specific issues, deliver third‑party validation, and plan follow-up assessments and tool adoption.

Managed Care Systems Inc. (MCSI)

Scott Vanderluit

Chief Information Officer