Burgess Group uses UpGuard for HIPAA and PCI compliance

Simplified compliance and reduced IT complexity with robust change monitoring.



Health insurers and government customers


Integrated platform that brings together health care payers and providers


Technology services continuously monitored by UpGuard

Burgess provides the first solution to natively bring together healthcare claim payment automation with business intelligence.

Making the healthcare system radically better

Burgess Group builds integrated payer and provider network management solutions to streamline medical claims reimbursement. Burgess models reimbursement payments and validates claim processing. As a handler of healthcare data, they are subject to HIPAA regulations and need to balance compliance concerns with development speed.

The Challenge

Burgess has expanded rapidly due to the need for innovative solutions in healthcare payments. As their infrastructure has scaled, so has the challenge of validating environment configurations throughout the deployment lifecycle. While Octopus Deploy has helped automate the deployment stage, they still needed visibility prior to and after deployment to ensure continuous integrity.

Burgess is a team of engineers, designers, policy analysts, data scientists, and business leaders who believe thoughtful technology can transform the flow of resources in the American healthcare system.
Maintaining HIPAA and PCI compliance in a dynamically changing technology environment, and eliminating security vulnerabilities from configuration drift.
UpGuard Core for configuration drift management, change monitoring and variance reporting
Healthcare, Financial services
Alexandria, Virginia

The Solution

Using UpGuard allowed Burgess to compare their stage and production environments and proactively find the drift that had previously surfaced as service failure. Once Burgess had stabilized their existing environments, they were able to begin scanning after each new deployment to account for all configuration changes. Finally, they could verify that the deployed environment had been correctly configured and all changes corresponded to what had been approved by the change advisory board.

“If you’re familiar with Active Directory Group Policy, then UpGuard makes a lot of sense.”

Director of Information Technology

The Results

Deployed and running in one week

UpGuard does not require users to learn new programming languages, only to define what good infrastructure looks like. By shortening the learning curve, UpGuard lowers the cost of initial investment and the time to investment recovery. That ease of use meant Burgess could quickly validate the proof of concept. Within one week they had started locating, prioritizing, and remediating configuration drift.

Ease of adoption

UpGuard’s methodology was similar to the other Windows tools Burgess was already using, making it easier to fit into their existing deployment process. As Burgesss IT Director put it, “If you’re familiar with Active Directory Group Policy, then UpGuard makes a lot of sense. Ultimately you have this environment and you have this policy you’re applying to it. We’re also using Octopus Deploy and UpGuard uses many of the same methodologies. The two products complement each other.“

Instant verification of IT releases

After each Octopus deployment, UpGuard scans the environment to capture all new changes and assesses the new configuration state to verify that those changes haven’t broken any policies. By adding a separate set of post-flight checks after the Octopus run, Burgess has been able to regain trust in the integrity of their systems and processes. “Octopus is the install, this is the confirm. These products have to exist in the same environment.”

Set up a free demo account today

Book a free demo

See UpGuard In Action

Book a call with one of our specialists and we'll arrange a time for a demo.