This case is an illustrative example based on real situations in the healthcare sector in Peru. Names, figures, and details have been changed for demonstration purposes and confidentiality.
Clínica Salud Integral, a network of eight medical centers in Lima, experienced one of the most critical incidents in its history on a Monday morning: its billing system crashed completely. What appeared to be a common technical problem soon revealed its true cause.
An administrator had clicked on an email that imitated an official message from the “Ministry of Health.” The link downloaded a Trojan horse that encrypted essential servers, affecting the issuance of invoices, electronic prescriptions, and internal reports.
Although the clinic had backups, it had two significant gaps:
Lack of an awareness program for staff
Lack of digital certificates to validate official communications
After assessing the damage, they decided to purchase our Awareness Workshops + Digital Certificates package.
Actions implemented
During the rollout, specific measures were implemented to strengthen security:
Monthly phishing attack simulations
Training for 120 employees in threat identification
Implementation of digital certificates for invoices, prescriptions, and internal communications
Results
In three months, the clinic achieved tangible and measurable changes:
- 95% reduction in clicks on suspicious emails
- Automatic validation of critical documents using digital certificates
- Savings of S/ 180,000 in system recovery and man-hours
“Now our doctors know that an ‘urgent referral’ can cost more than a failed surgery.”
— CIO, Comprehensive Health Clinic
Does your industry handle sensitive data?
Schedule a free awareness workshop for your team and assess the risk level of your operations.