Case Study: athenahealth strengthens PHI compliance and reduces data risk with Spirion

Health organization manages PHI in complex networks with Spirion-first approach

athenahealth, a national leader in electronic health records and medical billing services, needed to control sensitive data handling to meet rigorous HIPAA and HITECH compliance regulations. Their primary challenge was locating and securing protected health information (PHI) across complex networks to reduce the risk of data breaches from lost devices or accidental employee mishandling. Their existing data-in-motion and encryption solutions were insufficient, leading them to seek a solution from vendor Spirion.

Spirion provided its data security software to discover and classify sensitive data at rest across all endpoints and servers. The solution was deployed rapidly, giving athenahealth comprehensive visibility into where PHI and PII resided. Spirion's accurate scanning with low false positives enabled the company to remediate risks and proactively improve employee data-handling behavior. The results included a quantifiable improvement in security posture, successful regulatory compliance, and a significantly reduced risk of accidental data exposure.

Athenahealth

Jake McAleer

Senior Manager of IT