Case Study: Wellstar Health System achieves SaaS visibility and risk reduction with Reco

Wellstar Health Uses Reco to Manage Shadow IT and Secure PHI in SaaS

Wellstar Health System, the largest non-profit integrated healthcare system in Georgia, relied heavily on SaaS applications to support care, patient communication, and payments, but had little visibility into its growing shadow IT footprint. The security team struggled to understand which apps were in use, how they were configured, and whether sensitive data like PHI was being put into noncompliant tools. To address these SaaS risk and compliance challenges, Wellstar turned to Reco.

Reco gave Wellstar visibility into its SaaS environment by discovering more than 1,100 shadow applications and exposing key risks such as public file exposure, missing MFA, and stale accounts. With Reco’s risk scoring and customer success guidance, Wellstar prioritized remediation, unapproved 73 risky apps, improved its security posture from 39% to 62%, and saved $200K annually by consolidating redundant Smartsheet licenses. Reco also helped Wellstar build a continuous SaaS compliance program and make faster, safer decisions about app usage.

WellStar Health System

Mike DArezzo

Executive Director of Security and GRC