Live Demo
Blog   >   Application Infrastructure Protection   >   HIPAA Compliance and HIDS For Healthcare IT: Case Study

HIPAA Compliance and HIDS For Healthcare IT: Case Study

Stratasan’s Security and Compliance Solution

Healthcare IT Customer’s Cybersecurity Problem

Stratasan delivers web-based software and professional services that enable healthcare organizations to access information on healthcare markets and thereby establish a foundation for strategic planning, marketing, physician relations, and growth. When Stratasan adopted Threat Stack’s Cloud Security Platform (F5 Distributed Cloud App Infrastructure Protection (AIP) Advanced) on the recommendation of peers in the healthcare sector, they were a 15-person company with limited personnel and financial resources. Threat Stack’s application infrastructure protection platform was a perfect fit for their HIPAA compliance, given its ability to provide host-based intrusion detection. Since the platform was well documented and easy to set up, Stratasan had the compliance and HIDS solution rolled out and being used within a couple of weeks of deciding to adopt.

The Cybersecurity Solution: More Than Compliance and HIDS

As Stratasan began using the platform more systematically, they derived value that extended significantly beyond their original HIPAA requirements:

Increased Visibility and Better Communication: By integrating with Slack, Stratasan increased visibility into their systems without needing to continually log into Threat Stack. They also received real-time alerts on who was doing what, where, and when — and they could communicate more effectively on how to remediate issues, improve operations, and ensure that Development, Security, and Operations (DevSecOps) were driving towards common goals.

Audit Records for HIPAA: In addition to comprehensive monitoring and real-time alerts, Threat Stack created an audit trail and reports that could be passed on to auditors.

Containerization and Full-Stack Visibility: While Stratasan doesn’t necessarily plan to become fully containerized, Threat Stack’s container monitoring capabilities produced observability throughout Stratasan’s stack and SDLC, strengthening security at all levels and phases.

Third-Party Expertise: As a small team, Stratasan is budget conscious and doesn’t have a dedicated security person. Adding Threat Stack’s Oversight (AIP Premium) service has provided an effective, cost-effective way of leveraging third-party security insights and expertise so Stratasan can focus all resources on their core competencies.

“Threat Stack has been a great tool to have in our arsenal. We like the idea of sticking to our core business competencies — healthcare, healthcare marketing, and strategic planning — while being able to outsource other things that are valuable but simply outside our area of expertise. That’s why we partner with Threat Stack.” Brian Dailey, Stratasan’s Co-Founder and CTO


Stratasan’s Outcomes and Benefits beyond HIPAA Compliance and HIDS

As Stratasan’s needs have grown well beyond their initial requirement for support for HIPAA Compliance and HIDS (host-based intrusion detection), the company has derived ever more value from Threat Stack. As Stratasan continues to evolve their infrastructure, scale their data processing capacity, and expand their customer base, they plan to stay with Threat Stack to strengthen security and compliance, optimize operations, and achieve their overall business goals.

More Compliance and HIDS Information

For a PDF copy of the Stratasan case study, visit this link. To learn more about Threat Stack AIP’s compliance capabilities, click this link.

About Stratasan

Stratasan, now part of Syntellis, was founded in 2010 in Nashville, Tennessee, in the Healthcare Information Technology and Services industry. Before it was acquired, Stratasan had grown to more than 50 employees.

Threat Stack: Now Part of F5

Threat Stack’s application infrastructure protection (AIP), part of F5, is the leader in cloud security and compliance for infrastructure and applications, providing customers with proactive risk identification, and real-time threat detection-in-depth. If you’d like to learn more about Threat Stack’s Cloud Security Platform (aka Distributed Cloud AIP Advanced), Security Operations Center (including AIP Premium and AIP Insights), and more, feel free to contact our cloud security and compliance experts, fill out the form on this page, OR respond to the intelligent bot in the corner!