Speak with an Expert Speak with an Expert

Vertical: Hospital & Physicians Clinic

Problem:
The client, a multi-site healthcare provider, needed to adapt to evolving HIPAA requirements, which now called for biannual penetration testing and quarterly vulnerability scans. While they had historically conducted annual testing, the expanded compliance standards required a more robust solution. Internal stakeholders also emphasized the importance of remediation testing and clear executive-level reporting.

Solution:
We proposed a CIRRUS 36-month engagement that included one Penetration Test, four Vulnerability Scans annually, and one Remediation Test. The offering aligned perfectly with the client’s regulatory obligations while also delivering added value through our user-friendly reporting and built-in remediation capabilities.

Strategy:
Our initial meeting took place in late 2024—slightly ahead of their decision-making window. However, we successfully positioned ourselves by showcasing key elements of our cybersecurity stack. By the start of 2025, the client was ready to move forward. It ultimately came down to CIRRUS and one other provider, but our superior reporting—especially the clarity of the executive summary—helped seal the deal.

Results:
The client selected CIRRUS to meet their compliance needs while benefiting from enhanced visibility and actionable insights through our reporting platform. With built-in remediation testing and a long-term roadmap in place, they are now positioned to proactively manage risk and maintain ongoing HIPAA compliance.

  • Vertical: Hospital & Physicians Clinic
  • Problem: The client faced new HIPAA compliance requirements, including biannual penetration testing and quarterly vulnerability scans. Their existing annual testing approach was no longer sufficient, and they needed a solution that included remediation support and executive-level reporting.
  • Solution: We delivered a CIRRUS 36-month engagement that included Penetration Testing, quarterly Vulnerability Scans, and Remediation Testing. Our clear, value-driven reporting and fully managed approach stood out during the evaluation process.
  • Results: The client selected CIRRUS over another provider, impressed by the quality of our executive reporting and built-in remediation capabilities. They are now equipped to meet HIPAA requirements while proactively managing their cybersecurity posture.

Speak with an Expert

Speak with our experts and see how you can transform your business by improving cybersecurity, connectivity, and communication.

Speak with an ExpertSpeak with an Expert