A Diagnostic Testing Company Offers Security Lessons for All Providers

Originally posted on Healthcare IT News.

COVID-19 resulted in big changes for companies across the globe. And while many were able to go digital quickly and transition to address new needs, updating security to meet those changes wasn’t always a high priority.

Brio Systems’ co-founder, Thos Niles knows the challenges of pivoting a company’s focus without the in-house security capabilities to keep up.

At the beginning of 2020, the team at Brio Systems realized they had an opportunity to help by pivoting their original focus on making it easier for individuals to access diagnostic testing, to help companies provide safe, easy, and consistent access to COVID testing for their employees.

While this change tackled a critical need, it also changed the way the MedTech company handled health data and who required access to it.

Brio turned to Carbide to address the gaps in their security internal resources, expertise, and policies. Faced with challenging security questionnaires and rigorous audit calls every time a large company or government agency wanted to work with them, Niles knew Brio couldn’t win business with large, established companies by piece-mealing together a checkbox-style security and privacy program. Instead, the Brio Team partnered with Carbide to design security-driven systems that not only meet compliance but will continue to defend and secure their company as they

“Because Carbide was built for companies like ours that have a need for enterprise-class security, but not necessarily the dedicated team to achieve it, it seemed like a great fit. The platform breaks down best practices, industry frameworks and government regulations into clear, digestible tasks with an actionable project plan.” – Thos Niles, Brio Systems Co-Founder

In this Healthcare IT News article, Thos Niles discusses the security challenges and lessons learned along with how working with the Carbide team helped Brio Systems to strengthen their security posture, enable them to efficiently demonstrate compliance, and operationalize and advance their security.