Client Background

With over 40 years of experience, this client is a trusted third-party administrator focused on delivering innovative self-funded health plans tailored to employer group needs. Their commitment to customer service and cutting-edge solutions has made them a leader in the industry.

Ensuring Compliance & Efficiency

The client needed to achieve SOC compliance, which required strict tracking of file access, especially for Protected Health Information (PHI) and other sensitive data. At the time, they relied on spreadsheets for this process, which was inefficient and prone to human error. Additionally, they sought to consolidate cybersecurity vendors for better management but were dissatisfied with the pre-approved options available to them.

Tailored Solutions

• CIRRUS Penetration Testing (PT) & Vulnerability Management (VM): Identifying and mitigating security risks.
• CIRRUS Identity & Access Management (IAM): Automating and securing file access tracking to meet SOC compliance. By deploying IAM, we addressed their primary concern—ensuring clear and auditable access controls over sensitive files—while streamlining their cybersecurity approach under a single, trusted vendor.
• Managed Extended Detection & Response (MxDR): Providing continuous monitoring and threat detection.

Results

• Successfully met SOC compliance requirements with automated file access tracking.
• Eliminated spreadsheet-based tracking, reducing errors and improving efficiency.
• Consolidated cybersecurity management, providing a more seamless and effective security strategy.
• Strengthened data protection for PHI, reducing risk and ensuring regulatory compliance.