Boston City Hospital and Boston University Medical Center Hospital merged in 1996 to form Boston Medical Center (BMC).  This 497-bed teaching hospital in the South End of Boston provides primary and critical care to a diverse population and houses the largest Level 1 trauma center in New England.


As a 24-hour hub for surgeries and life-sustaining medical care, BMC relies heavily on technology to support all operations, from appointment scheduling to vital health monitoring and imaging systems. Boston Medical Center has standardized on vSphere as a virtualization platform for its data centers.  With their server infrastructure almost 90% virtualized, BMC uses VMware vCloud Suite, Site Recovery Manager, vRealize Operations Manager, and has recently added NSX to better secure its Epic Electronic Medical Records platform.


In 2015, BMC implemented the Dell DRIVE system, including VMware, to consolidate and digitize medical records storage and delivery on Epic. While the Epic records must be constantly accessible to health care providers, who require immediate access to essential patient information throughout the hospital system, those same records must also be protected from intrusion or misuse. According to David Bass, SDDC Engineer at Boston Medical Center, “The type of data that systems like Epic store can be a target for ransomware and hackers. Typically, it’s not just the patient health record—it’s also PCI and PII data.”  Because Electronic Medical Records have changed the security landscape, BMC set out to further enhance their data center strategy to allow accessibility needed by providers without compromising security.


Before NSX, BMC relied primarily on firewalls plus the built-in security group protections included in Epic to secure the platform. Data security increasingly made it to the top of the list of priorities as BMC built on its existing investment with VMware. David explains, “We’d built an extensive infrastructure with VMware and other partners to support Epic, and it made sense to build iteratively on that base.”

“We’d built an extensive infrastructure with VMware and other partners to support Epic, and it made sense to build iteratively on that base.”

BMC was excited to learn that VMware had partnered with Epic to develop a deployment template for NSX, which allows customers to achieve a faster time to value using VMware Professional Services. With NSX distributed virtual firewall capability, BMC achieved granular East-West security at the individual workload level.  NSX built-in policy-based security also allows Boston Medical Center to automatically apply security to new virtual machines based on characteristics such as Operating System, Epic application modules, user identity, or custom attributes.


“It’s a big win for us to implement VMware NSX as part of our security roadmap,” said Peter Misticawi, Senior Director of Technology at BMC.  “The implementation was smooth, our engineers understand it intuitively, and they can tune and troubleshoot the system as needed. There’s a high comfort level with VMware.”


With its successful Epic rollout, one of its most critical systems, BMC plans to expand its NSX implementation to enhance security across the organization.