St. Luke’s University Health Network Safeguards Millions of Patient Records

Rubrik, Inc. announced that St. Luke’s University Health Network (St. Luke’s) replaced its legacy backup vendor with Rubrik to support its shift to the cloud and achieve cyber resilience.

Relying on Rubrik Security Cloud, St. Luke’s can recover from cyberattacks within minutes or hours, as opposed to months.

St. Luke’s is a non-profit organization that provides healthcare services for more than 80,000 patients and more than 340,000 emergency room visits every year across 14 campuses and 300 outpatient sites. It houses 2.5PB of data and millions of patient records in Epic, its patient access and medical records system.

Cyber recovery simulations revealed that if St. Luke’s were hit with ransomware, patient care would be impacted because it would take months of downtime and millions of dollars to recover. These insights helped St. Luke’s recognize its need for a modern data security platform.

Since switching to Rubrik, St. Luke’s has seen a savings of 73% of TCO. Additionally, Rubrik products like Threat Hunting and Anomaly Detection alert St. Luke’s to real-time changes in its environment-putting trust in the integrity of its data.

“In our industry, a cyberattack paralyzes our ability to provide life-saving care to our patients-so cyber resiliency is not optional,” said David Finkelstein, chief information security officer, St. Luke’s. “With Rubrik Security Cloud, we have secured our sensitive data, gained confidence and peace of mind in the resiliency of our operations, and can uphold our commitment to providing outstanding healthcare services even if we face a cyber event.” 

Backups are an important defense vs. ransomware. However, the Rubrik Zero Labs State of Data Security report found that 90% of external organizations reported that malicious actors attempted to impact backups during a cyberattack, and 73% were at least partially successful in these attempts.

“Legacy backups are a hunting ground for cyber criminals, as they were historically built for natural disasters – not modern cyberattacks,” said Anneka Gupta, chief product officer, Rubrik. “Healthcare organizations with particularly sensitive data must prioritize a strong remediation plan that relies on uncompromised backups. St. Luke’s took a proactive stance securing their patient data -and this approach will radically improve their long-term cyber resiliency.“

Rubrik and Microsoft: The Backbone of St. Luke’s Data Security
St. Luke’s systems, namely Epic, needed to be operational around the clock. In order to ensure its data is available at all times, it decided to migrate Epic from its on-premises data center to Microsoft Azure.

“Rubrik made it possible for us to move to the cloud and benefit from cutting-edge solutions in Microsoft Azure and Microsoft Sentinel,” said Finkelstein.

By leveraging Azure, St. Luke’s is able to take advantage of the flexibility and cost-savings of the public cloud by scaling enterprise applications up or down depending on demand.

St. Luke’s also utilizes Rubrik’s integration with Microsoft Sentinel, benefitting from a single pane of glass to monitor for threats and quicken cyber investigations. Rubrik expanded its Microsoft Sentinel integration in June 2023, unveiling a joint collaboration to integrate Rubrik Security Cloud with Microsoft Sentinel and Azure OpenAI Service to accelerate cyber recovery through the use of generative AI and Natural Language Processing (NLP).

Case study: St. Luke’s Secures Millions of Patient Records from Cyber Threats