St. Luke’s safeguards millions of patient records with Rubrik and Microsoft

Person typing with a stetheschope next to her computer : Rubrik Microsoft St Lukes

Rubrik has announced that St. Luke’s University Health Network (St. Luke’s) has replaced its legacy backup vendor with Rubrik, to support its shift to the cloud and utilize Rubrik Security Cloud to recover from cyberattacks within minutes or hours, instead of months.

St. Luke’s is a non-profit organization providing healthcare services to over 80,000 patients with more than 340,000 yearly emergency room visits, spanning 14 campuses and 300 outpatient sites. Encompassing 2.5 petabytes of data and millions of patient records in its medical records system, Epic, cyber recovery simulations revealed that if St. Luke’s was hit with ransomware, patient care would be significantly impacted by months of downtime, requiring millions of dollars (USD) to recover.

These insights helped St. Luke’s recognize the necessity of a modern data security platform, and after switching to Rubrik, it has already seen savings of 73 percent on the total cost of ownership. Additionally, Rubrik products like Threat Hunting and Anomaly Detection alert St. Luke’s to real-time changes in its environment, further safeguarding the integrity of its data.

In order to ensure its data is available at all times, St. Luke’s has recently migrated Epic, its patient access and medical records system, from its on-premises data center to Microsoft Azure, made possible by Rubrik.

By leveraging Azure, St. Luke’s is able to take advantage of the flexibility of the public cloud and additionally utilize Rubrik’s integration with Microsoft Sentinel to monitor for threats and quicken cyber investigations.

Rubrik expanded its Microsoft Sentinel integration in June 2023, unveiling a joint collaboration to integrate Rubrik Security Cloud with Microsoft Sentinel and Azure OpenAI Service to accelerate cyber recovery through the use of generative AI and Natural Language Processing (NLP).

To operate an integral defense against ransomware, backups are required. However, a recent Rubrik Zero Labs State of Data Security report found that 90 percent of external organizations have reported malicious actors attempting to impact data backups during a cyberattack, and 73 percent were partially successful in these attempts.

Anneka Gupta, chief product officer at Rubrik, said: “Legacy backups are a hunting ground for cybercriminals, as they were historically built for natural disasters – not modern cyberattacks.

“Healthcare organizations with particularly sensitive data must prioritize a strong remediation plan that relies on uncompromised backups. St. Luke’s took a proactive stance securing its patient data – and this approach will radically improve its long-term cyber resiliency.”

David Finkelstein, chief information security officer at St. Luke’s, said: “In our industry, a cyberattack paralyzes our ability to provide life-saving care to our patients – so cyber resiliency is not optional.

“With Rubrik Security Cloud, we have secured our sensitive data, gained confidence and peace of mind in the resiliency of our operations, and can uphold our commitment to providing outstanding healthcare services even if we face a cyber event.”