Amedsys Prescribes Microsoft Security and a Password-Free Solution to Support Clinical Teams
When it comes to delivering high quality healthcare, prioritizing the most important people at a facility is the key to success. These are the patients. Read the customer story to learn how Amedsys is doing exactly this and applying some outside-the-box thinking to security with a full spectrum of Microsoft Security.
How did Amedisys balance strong security with easy data access for clinicians?
Amedisys reimagined its security approach around two priorities: protecting patient data and keeping clinicians productive at the bedside or in the home.
To do this, the organization consolidated onto Microsoft Security solutions within the Microsoft 365 stack. Instead of using multiple point products (like separate antivirus and other third‑party tools), Amedisys standardized on Microsoft 365 E5 for information workers and Microsoft 365 F3 plus the full E5 security and compliance set for clinicians.
Key elements of the balance:
- **Single, integrated security stack:** Replacing McAfee and other tools with Microsoft 365 security reduced complexity and made it easier to manage policies consistently across more than 30 states.
- **Password-light experience:** Amedisys focused on streamlined logins so clinicians could get to medical records and productivity apps quickly, without constant password interruptions.
- **Device-agnostic management:** With Microsoft Endpoint Manager and Defender for Endpoint, the security team manages Windows devices in offices, Android tablets for clinicians, and iOS devices for sales through a unified approach.
This combination lets Amedisys protect sensitive health information while keeping clinicians focused on patient care instead of wrestling with security controls.
What role did password-free and streamlined sign-in play in Amedisys’s security strategy?
Amedisys made streamlined sign-in a core part of its security strategy because frequent password changes and resets were creating both risk and frustration.
The company implemented **Windows Hello for Business** on its Windows-based devices. Clinicians and staff can now use biometrics—such as facial recognition—to access their devices, instead of repeatedly typing passwords.
Key changes and benefits:
- **Biometric access to Windows devices:** Once a user’s face is registered, they can sign in quickly and securely without entering a password each time.
- **One strong password for everything else:** For non-Windows access, Amedisys encourages a single, strong password rather than multiple weaker ones. The goal is that, with good password hygiene, a user may keep the same password for their entire tenure.
- **Reduced reset burden:** With 25,000 users, resetting passwords 10–15 times a year would be a major operational drain. The new approach cuts that overhead significantly.
- **Higher user acceptance of security:** By making access easier, IT builds trust with clinicians and staff, which in turn makes them more likely to follow security guidance.
Backed by insights from Azure Active Directory and other Microsoft Security tools, Amedisys felt confident removing routine password changes, reducing both user friction and password-related risk.
How did Microsoft 365 help Amedisys cut costs and improve compliance visibility?
Amedisys used Microsoft 365 not just to secure endpoints, but also to simplify its toolset and sharpen its view of compliance.
**Cost and efficiency gains:**
- By consolidating device management with **Microsoft Endpoint Manager**, Amedisys reports about **$250,000 in savings** in that area alone.
- Overall, the move to a consolidated Microsoft 365 security stack is saving the company approximately **$865,000** across licensing and operational costs.
- A uniform stack reduces the effort of coordinating data and engineering across multiple vendors.
**Improved device and data visibility:**
- **Defender for Endpoint** sensors are built into Windows 10, so Amedisys doesn’t need to deploy separate agents, which speeds up onboarding and reduces system overhead.
- Endpoint Manager and Defender for Endpoint work together, allowing the security team to quickly gain visibility into new environments, including acquisitions.
**Compliance and data governance:**
- Using **Microsoft 365 compliance center**, Amedisys applied machine learning to locate sensitive data across more than **10 million documents**. The initial scan produced results in about **48 hours**, a task that would otherwise have taken much longer.
- The company can now run “what-if” compliance scenarios in a few hours for frameworks such as **HIPAA**, **Sarbanes-Oxley**, and various state regulations—work that previously required outside consultants and days of effort.
Overall, Microsoft 365 helped Amedisys rethink its security and compliance posture: fewer tools, lower cost, faster insight into where sensitive data lives, and more confidence when responding to regulatory demands or integrating new acquisitions.
Amedsys Prescribes Microsoft Security and a Password-Free Solution to Support Clinical Teams
published by CPP Associates
What if you could decrease your IT spend by as much as 30%, while improving your user experience and reducing your overall risk? With a customer-first strategy and Infrastructure Anywhere tactics, CPP’s unique methodology helps you successfully implement complex, transformational IT solutions that drive revenue growth and operational efficiencies.
Our pioneering assessments study the myriad ways you can deploy cloud-like infrastructure, comparing various private and public cloud options for technology, service levels, security, and costs. In less than a month, you have the data you need to make educated decisions in real time. And together, we’ll use that information to design and deploy a solution that works especially for you—one that delivers maximum agility and increased utilization while meeting your critical business requirements.
Dream big. Compete fiercely. Innovate with intelligence. CPP Associates.
Sign in with LinkedIn