Amedsys Prescribes Microsoft Security and a Password-Free Solution to Support Clinical Teams
When it comes to delivering high quality healthcare, prioritizing the most important people at a facility is the key to success. These are the patients. Read the customer story to learn how Amedsys is doing exactly this and applying some outside-the-box thinking to security with a full spectrum of Microsoft Security.
How did Amedisys balance strong security with easy data access for clinicians?
Amedisys reimagined its security approach around two priorities: protecting patient data and keeping clinicians productive at the bedside or in the home.
To do this, the organization consolidated onto Microsoft Security solutions within the Microsoft 365 stack. Instead of using multiple point products (like separate antivirus and other third‑party tools), Amedisys standardized on Microsoft 365 E5 for information workers and Microsoft 365 F3 plus the full E5 security and compliance set for clinicians.
Key elements of the balance:
- **Single, integrated security stack:** Replacing McAfee and other tools with Microsoft 365 security reduced complexity and made it easier to manage policies consistently across more than 30 states.
- **Password-light experience:** Amedisys focused on streamlined logins so clinicians could get to medical records and productivity apps quickly, without constant password interruptions.
- **Device-agnostic management:** With Microsoft Endpoint Manager and Defender for Endpoint, the security team manages Windows devices in offices, Android tablets for clinicians, and iOS devices for sales through a unified approach.
This combination lets Amedisys protect sensitive health information while keeping clinicians focused on patient care instead of wrestling with security controls.
What role did password-free and streamlined sign-in play in Amedisys’s security strategy?
Amedisys made streamlined sign-in a core part of its security strategy because frequent password changes and resets were creating both risk and frustration.
The company implemented **Windows Hello for Business** on its Windows-based devices. Clinicians and staff can now use biometrics—such as facial recognition—to access their devices, instead of repeatedly typing passwords.
Key changes and benefits:
- **Biometric access to Windows devices:** Once a user’s face is registered, they can sign in quickly and securely without entering a password each time.
- **One strong password for everything else:** For non-Windows access, Amedisys encourages a single, strong password rather than multiple weaker ones. The goal is that, with good password hygiene, a user may keep the same password for their entire tenure.
- **Reduced reset burden:** With 25,000 users, resetting passwords 10–15 times a year would be a major operational drain. The new approach cuts that overhead significantly.
- **Higher user acceptance of security:** By making access easier, IT builds trust with clinicians and staff, which in turn makes them more likely to follow security guidance.
Backed by insights from Azure Active Directory and other Microsoft Security tools, Amedisys felt confident removing routine password changes, reducing both user friction and password-related risk.
How did Microsoft 365 help Amedisys cut costs and improve compliance visibility?
Amedisys used Microsoft 365 not just to secure endpoints, but also to simplify its toolset and sharpen its view of compliance.
**Cost and efficiency gains:**
- By consolidating device management with **Microsoft Endpoint Manager**, Amedisys reports about **$250,000 in savings** in that area alone.
- Overall, the move to a consolidated Microsoft 365 security stack is saving the company approximately **$865,000** across licensing and operational costs.
- A uniform stack reduces the effort of coordinating data and engineering across multiple vendors.
**Improved device and data visibility:**
- **Defender for Endpoint** sensors are built into Windows 10, so Amedisys doesn’t need to deploy separate agents, which speeds up onboarding and reduces system overhead.
- Endpoint Manager and Defender for Endpoint work together, allowing the security team to quickly gain visibility into new environments, including acquisitions.
**Compliance and data governance:**
- Using **Microsoft 365 compliance center**, Amedisys applied machine learning to locate sensitive data across more than **10 million documents**. The initial scan produced results in about **48 hours**, a task that would otherwise have taken much longer.
- The company can now run “what-if” compliance scenarios in a few hours for frameworks such as **HIPAA**, **Sarbanes-Oxley**, and various state regulations—work that previously required outside consultants and days of effort.
Overall, Microsoft 365 helped Amedisys rethink its security and compliance posture: fewer tools, lower cost, faster insight into where sensitive data lives, and more confidence when responding to regulatory demands or integrating new acquisitions.
Amedsys Prescribes Microsoft Security and a Password-Free Solution to Support Clinical Teams
published by IT Blackbox
We help keep our customers' networks Safe from Data Breaches, Malware and Ransomware attacks.
Our customers enjoy high availability by migrating important services to the CLOUD whilst maintaining a secure environment to communicate and store their data.
Our services are managed via the cloud, central, easy access and always available. We offer state of the art, AI driven endpoint protection, Software as a Service (Microsoft 365) and affordable cloud to cloud or on premises to cloud backup and recovery solutions. We bring the quality and service normally reserved for the corporate and big business sector to you, small, medium and growing businesses.
We encourage our customers to adopt a security policy that will help minimize the risk of an attack on their business.
“The best-run companies are data-driven, and this skill, sets businesses apart from their competition.”– Tomasz Tunguz
Do you know a business that will benefit from our service?
Sign in with LinkedIn