Securing Healthcare in the Age of AI

A regional medical system partners with Proofpoint to protect employees, patient data, and the next wave of AI-driven care.

healthcare

At A Glance

An academic medical system in the Mid-Atlantic region trusts Proofpoint as a strategic partner to protect patient and employee data across email and collaboration channels. With email security and DLP at the core, the partnership now extends into the AI era where threat actors and defenders alike are racing to leverage generative AI.

Products Used

  • Enterprise DLP
  • Email Protection
  • Threat Protection

Proofpoint is one of our strategic partners, meaning that it's a long-term relationship. We are invested in a lot of the capabilities that Proofpoint provides, and we depend on those layers of defense in terms of email security and DLP to protect our data.


Vice President and Chief Information Security Officer

 

Company Size

30,000 employees 

Headquarters

Mid-Atlantic, United States 

350
million malicious emails blocked
85%
of inbound email filtered at the gateway
500K+
advanced malware, phishing, and BEC threats blocked
CHALLENGES
  • Data at risk: Patient and employee data was distributed across email, chat, file-sharing, and conferencing, creating multiple channels of risk, all subject to HIPPA’s strict regulations. 
  • Sophisticated threats: AI-accelerated social engineering aimed at a workforce of 30,000+ busy clinicians and contractors, meaning one mistake could lead to serious harm. 
  • Rising AI usage in healthcare: Real opportunities to improve care had to be balanced with responsible internal adoption that met data security and compliance standards.
RESULTS
  • 85% of inbound email was blocked at the gateway every month, with 350M malicious emails and 500,000+ advanced phishing, BEC, and malware threats neutralized across the partnership to date.
  • User behavior was modified in the moment through AI-powered DLP warnings that measurably reduced inadvertent sharing to personal email accounts.  
  • Executive reporting delivered monthly funnel metrics that translated security effectiveness into a clear, measurable story. 
The Challenge

The Challenge

A Long-Standing Partnership for Safer, Smarter Care 

An academic medical institution built its reputation on a simple promise: to deliver the safest healthcare system in their region. It supports that promise with more than 30,000 clinicians, researchers, and staff working across 30,000 endpoints. Every patient record is governed by HIPAA, demanding precision in how data is handled, shared, and protected day in and day out. 

Today, the organization's cybersecurity is inseparable from the care it delivers. Clinicians must balance the work of caring for patients alongside managing digital communications, from recordkeeping to collaboration and patient updates. Protecting patient data is essential. Protecting the people who handle that data is too.  

As the Vice President and Chief Information Security Officer puts it: "They're not always paying attention to the emails they get." That makes them susceptible to social engineering, which is growing more sophisticated with every advance in AI. Clinicians work across more channels—email, chat, video, file sharing—attackers are finding more ways in. 

The organization must defend against AI-powered threats and govern how AI is being used internally. Doing that effectively requires more than a simple security patch; it involves a strategic partnership that allows them to do both at the same time. 

The medical system didn’t have to look far for the antidote. Proofpoint—already a long-standing security partner—was ready to prove that AI-powered threats were no match for its multi-layered security platform. 

The Solution

The Solution

One Partner, Multi-Layered Protection  

Proofpoint has been a strategic partner of this Mid-Atlantic institution for many years, providing layers of defense across email security and Data Loss Prevention (DLP). That depth of commitment shows up during every renewal cycle. The medical group’s security team carefully evaluates what the market offers before recommitting to the platform. Each time, their answer comes back the same: Proofpoint delivers the most impact. 

"I'm looking for value," says the CISO. "I'm not necessarily looking at saving the most money." Having worked in organizations without Proofpoint earlier in his career, the contrast for him is clear. Hours and hours that were wasted figuring out whether emails were legitimate now flow to higher-value security tasks. 

Today, Proofpoint provides vital security solutions for the medical system, including Enterprise Protection, Targeted Attack Protection (TAP), and Threat Response Auto-Pull. TAP identifies and sandboxes suspicious URLs and attachments to stop advanced threats—like credential phishing, ransomware, and business email compromise—before they reach a user. It also surfaces the system's Very Attacked People (VAPs), so the organization’s security team can target additional filtering and training where the risk is highest. 

The CISO says this is one of the advantages of Proofpoint’s platform. “It gives us insight into who the most susceptible users are but also gives us data on who the most attacked people are,” he says. 

On the data side, Proofpoint's Email DLP and Encryption operate as a single, integrated solution to prevent unauthorized transfers of data in motion. Email DLP combines prebuilt HIPAA and medical-record identifiers with fingerprinting and OCR to detect sensitive patient information across more than 300 file types, even when it is hidden inside images or attachments. Encryption then applies automatically based on policy, so when a clinician sends patient data to a legitimate external partner, it happens behind the scenes with no extra effort from the sender. 

The most interesting work is happening at the intersection of AI and human behavior.  Clinicians and healthcare administrators are nearly always moving fast, under pressure, and don’t always have time to consider data protocols. Proofpoint's AI-powered DLP recognizes when someone is about to send sensitive data to a personal email account and presents a warning that gives them pause. “It changes their behavior, and we've seen a significant decrease in inadvertent sharing,” the CISO explains. 

The medical system’s team is already looking further down the road, anticipating the day when AI agents and non-human identities will need the same level of governance as human users. It’s the kind of forward thinking this strategic partnership makes possible. 

The Results

The Results

Millions of Threats Blocked Each Month 

Proofpoint has blocked over 350 million malicious emails for the organization, filtering 85% of all inbound traffic at the gateway before it ever reaches a user. More than 500,000 advanced malware, phishing, and BEC threats have been neutralized along the way. 

But there’s more:  

  • Click rates on phishing simulations are decreasing year over year.  
  • Fewer suspicious messages need to be reviewed.  
  • Employees are implementing safer behaviors because of AI-powered warnings. 

For a lean security team supporting tens of thousands of users, these gains do more than make the organization and their patients safer; they also enable better care. More robust security also offers a compelling story for the boardroom. Each month, Proofpoint's account team helps the organization translate the data into a funnel slide that gets presented to the Security Oversight Council and senior leadership. It turns cybersecurity into something the entire executive team can see clearly: a measurable, ongoing return on investment.

What started as an email security investment has grown into a long-term strategic partnership built on trust and a shared vision of healthcare cybersecurity in the AI era.  

As the organization plans for AI agents, non-human identities, and the next generation of healthcare innovation, it is counting on Proofpoint to help them keep pace. That’s because every threat blocked is another moment a clinician can focus on the patient in front of them.  

"We are trusted with providing quality patient care for the people in our communities. Our cybersecurity mission is aligned with that," the CISO said.  

That’s the real return on this partnership: trust.