Case Study: Surescripts achieves secure, automated key and certificate management with Venafi

Surescripts Moves to Decisively Reduce Risk

Surescripts, the nationwide health information network for secure clinical data exchange, needed to reduce risk and improve control over its rapidly growing key and certificate processes while supporting HIPAA-compliant trust across many customers and systems. As it scaled from issuing about one certificate a week to hundreds, Surescripts turned to Venafi to help secure and automate certificate management without disrupting its existing multivendor PKI environment.

Venafi implemented a platform that discovered noncompliant keys and certificates, generated compliant replacements, and automated secure remediation and lifecycle management. The results were significant: Surescripts gained full visibility and governance across SSL/TLS, SSH, mobile, and user certificates, improved data integrity, strengthened policy enforcement, and reduced the need for additional staff as growth accelerated. Venafi also helped Surescripts establish a baseline for normal activity, speed remediation, and better protect against trust-based attacks.

Surescripts

Paul Calatayud

Chief Information Security Officer