Burgess Group uses UpGuard for HIPAA and PCI compliance

Simplified compliance and reduced IT complexity with robust change monitoring

scroll down
Burgess Group screen shot
Burgess logo dark

Burgess provides the first solution to natively bring together healthcare claim payment automation with business intelligence.

22

Health insurers and government customers

1

Integrated platform that brings together health care payers and providers

200+

Technology services continuously monitored by UpGuard

Burgess logo dark

Headquarters

Alexandria, Virginia

Industry

Healthcare, Financial Services

Overview

Burgess is a team of engineers, designers, policy analysts, data scientists, and business leaders who believe thoughtful technology can transform the flow of resources in the American healthcare system.

Challenge

Maintaining HIPAA and PCI compliance in a dynamically changing technology environment, and eliminating security vulnerabilities from configuration drift.

Solution

UpGuard Core for configuration drift management, change monitoring and variance reporting.

Making the healthcare system radically better

Burgess Group builds integrated payer and provider network management solutions to streamline medical claims reimbursement. Burgess models reimbursement payments and validates claim processing. As a handler of healthcare data, they are subject to HIPAA regulations and need to balance compliance concerns with development speed.

The challenge

Burgess has expanded rapidly due to the need for innovative solutions in healthcare payments. As their infrastructure has scaled, so has the challenge of validating environment configurations throughout the deployment lifecycle. While Octopus Deploy has helped automate the deployment stage, they still needed visibility prior to and after deployment to ensure continuous integrity.

The solution

Using UpGuard allowed Burgess to compare their stage and production environments and proactively find the drift that had previously surfaced as service failure. Once Burgess had stabilized their existing environments, they were able to begin scanning after each new deployment to account for all configuration changes. Finally, they could verify that the deployed environment had been correctly configured and all changes corresponded to what had been approved by the change advisory board.

quote start

If you’re familiar with Active Directory Group Policy, then UpGuard makes a lot of sense.

quote end
Jeffrey Friedman

Jeffrey Friedman

Director of Information Technology
Burgess Group

The results

Deployed and running in one week

UpGuard does not require users to learn new programming languages, only to define what good infrastructure looks like. By shortening the learning curve, UpGuard lowers the cost of initial investment and the time to investment recovery. That ease of use meant Burgess could quickly validate the proof of concept. Within one week they had started locating, prioritizing, and remediating configuration drift.

Ease of adoption

UpGuard’s methodology was similar to the other Windows tools Burgess was already using, making it easier to fit into their existing deployment process. As Burgesss IT Director put it, "If you’re familiar with Active Directory Group Policy, then UpGuard makes a lot of sense. Ultimately you have this environment and you have this policy you’re applying to it. We’re also using Octopus Deploy and UpGuard uses many of the same methodologies. The two products complement each other."

Instant verification of IT releases

After each Octopus deployment, UpGuard scans the environment to capture all new changes and assesses the new configuration state to verify that those changes haven’t broken any policies. By adding a separate set of post-flight checks after the Octopus run, Burgess has been able to regain trust in the integrity of their systems and processes. “Octopus is the install, this is the confirm. These products have to exist in the same environment.”

You’re in good company

Join hundreds of companies like yours using UpGuard to manage their cyber risk, secure their data and automate their security compliance.

quote start
UpGuard helps secure the New York Stock Exchange
Before, we needed an army to reconcile all of our changes. Now, we have an automated, scalable process that strengthens our regulatory stance, expands our coverage, reduces operational risk, and allows us to continuously improve our IT operation process.
quote end
quote end

Chuck Adkins

VP of Technology
New York Stock Exchange
NASA Logo Dark NYSE Logo Light
Morningstar Logo Light Akamai Logo Light
Bill Com Logo Light IAG Logo Light ICE Logo Light ADP Logo Light

See UpGuard In Action

Book a demo with one of our cybersecurity specialists.