Case Study

Building a Solid Cybersecurity Framework for Prevention and Protection

childrens miracle network hospitals logo clouds

Cybersecurity Risk is Business Risk

We’ll help you empower the right people and technology to protect your data.
Talk to our specialists
Children's Miracle Network Hospitals
Children’s Miracle Network HospitalsSalt Lake City, Utah

Children’s Miracle Network (CMN) Hospitals has been raising money for children’s hospitals since 1983. One in 10 children in North America are treated by a CMN Hospital each year, and 62 children enter a CMN Hospital every minute.

CMN Hospitals relies on millions of donors to provide undesignated funds to children’s hospitals, and millions of donors rely on CMN Hospitals to keep their personal information safe and secure. That’s why CMN Hospitals worked with Eide Bailly to build a solid cybersecurity framework into the foundation of their organization.


  • Increased protection of partner and donor information.
  • Individualized disaster recovery policy that ensures effective response in the event of a breach.
  • Comprehensive incident response plan detailing clear procedures and staff roles.
By the numbers
Potential savings of
$11 million
based on the average cost of a healthcare data breach

Hear from Children’s Miracle Network Hospitals about how Eide Bailly helped them build a solid cybersecurity framework for prevention and protection.

The Challenge

Nonprofit and healthcare organizations are prime targets for cyberattacks.

Children’s Miracle Network (CMN) Hospitals relies on millions of donors to provide funds to children’s hospitals, and millions of donors rely on CMN Hospitals to keep their personal information safe. CMN Hospitals takes security very seriously, so they sought a partner to help defend against or respond to attacks. 

yellow 1
Sensitive donor information needs tight security and protection
    yellow 2
    Stringent PCI-Compliance requirements
      yellow 3
      Need for a partner in training and strategy

        The Solution

        A comprehensive security partnership for strategy and defense.

        Cyberattacks are no longer a matter of “if,” but “when.” And when an organization is handling sensitive, personally identifiable information, they need to make sure they are prepared to respond if an attack occurs. Because of this, we first devised and implemented a Disaster Recovery Policy for CMN Hospitals. 

        While this was an adequate reactive measure, CMN Hospitals also needed to take steps to be proactive in their cybersecurity efforts. Since 2017, we’ve grown with CMN Hospitals to conduct security assessments, penetration testing, incident response planning, and more. This has allowed CMN Hospitals to take a proactive approach to cybersecurity, ensuring that the gaps in their security posture are remediated and that they are confident in their response efforts in the case of a breach.


        The Results

        CMN Hospitals can feel confident in their security posture.

        By prioritizing cybersecurity and building a solid security framework, CMN Hospitals can experience peace-of-mind that they are protected against threats – and prepared to respond if a breach occurs.

        They've already put this into practice – when faced with a potential breach, CMN Hospitals was able to utilize the plans and procedures Eide Bailly implemented in order to effectively stop the malicious actors from attacking.

        Article5 Benefits of Hiring a Virtual Chief Information Security Officer (vCISO)
        Are you ready to take your organization’s cybersecurity to the next level? Discover the key benefits a virtual Chief Information Security Officer (vCISO) can bring to your organization’s security team – with less cost and hassle.
        Cyberattacks are not a matter of if, but when. Is your organization prepared?