Derek Merck, Rhode Island Hospital, sits with Dave Vellante and John Walls at Splunk .conf 2017 in Washington, D.C #splunkconf17 #theCUBE https://siliconangle.com/2017/11/27/best-defense-good-offense-case-new-data-security-platforms-splunkconf17/ Turn compliance yellow lights green The flexibility of a platform may help some industries out of sticky data compliance spots. No one knows Byzantine compliance rules like the healthcare sector. Rhode Island Hospital — the teaching hospital of Brown University — ran into a regulatory impasse in its diagnostic imaging department. The department uses magnetic imaging resonance as well as computed tomography scans to diagnose patients. “You could get MRIs all day long,” Derek Merck, director of computer vision and image analysis at RIH, told theCUBE. Unlike MRIs, however, CT scans should be kept to a minimum since overexposure can cause adverse skin reactions and other problems. The hospital became aware that Medicaid could reduce reimbursement if it could not prove that it was using ionizing radiation properly. No one really knew what that meant; Medicaid did not spell out guidelines, Merck said. “These vendors are coming in, they’re trying to sell us solutions that are, like $100,000 licenses,” he said. The hospital’s administration took the regulation seriously, so Merck and staff from the CT team came up with a system using Splunk. “We use Splunk to collect meta information about how all the scanners — system wide — are being used,” he said. They built dashboards to show, per institution, the average dose per protocol, per body type. They can also ticket outliers, or higher-than-average doses, and justify them in the event of inquiry, he said.