Epiphany Healthcare Blog

Epiphany Observes National Nurses Week 2020

Posted by Allison Fawber on May 6, 2020 at 12:40 PM



During the week of May 6-12, Epiphany Healthcare would like to join the American Nurses Association (ANA) and many other organizations across the United States in observance of National Nurses Week 2020. Please join us in recognition of our 4 million registered nurses, as they dedicate themselves year round to the promotion and maintenance of our nation’s health.

Why Observe National Nurses Week?

  • Raise public awareness about the tremendous role that nurses play in the maintenance and improvement of American healthcare. We all know that nurses work diligently to provide us with superior care in hospitals, schools, and other healthcare facilities, but many may not see the important contributions nurses make as volunteers, researchers, educators, and advocates for a better healthcare system.
  • Nurses make up the largest of all healthcare professions and the profession is growing, in both number and in its capacity for leadership and responsibility as changes to the healthcare system allow nurses the opportunity to utilize more of their education and training than ever before.
  • Nurses are the most trusted professionals in America according to a national Gallup poll. The 2018 poll marks the seventeenth consecutive year that nurses have topped the list of trustworthy and ethical professionals.

How to Observe National Nurses Week

  • Plan an event in your community or workplace. Some possibilities include:
    • Host a celebration of current or retired nurses in your community.
    • Organize/sponsor a community wide contest that focuses on recognition of a nurse or nurses within the community.
    • Hold a fundraiser and donate the funds to a local charity in the name of a local nurse, group of nurses, or National Nurse Week.
    • Spread the word via press release, blog, advertisement, or any way that can make more people aware of National Nurse Week.
    • Show your appreciation by personally thanking nurses for all that they do. No matter who it may be, just let them know that you appreciate them. They will likely appreciate the recognition.
At Epiphany Healthcare, we understand the important role that nurses play in our nation’s healthcare system and we want to take this opportunity to thank them for their service. Our goal is to use our technology and service to help improve patient care just as nurses around the country and the world do every day.We thank you again, Happy National Nurses Week!

Topics: Epiphany Healthcare, Nation's Health, Epiphany, Nurses, National Nurses Week

Epiphany Celebrates 15 Years of Business

Posted by Allison Fawber on July 9, 2019 at 10:22 AM

15Years (002)

Epiphany is excited to announce that July 2019 marks our 15th year of business. As we celebrate our company’s success this year, we would like to take a look back and share some words from our founders about how we got here.

“Fishing on Russ’ dock,” recalled Jim Stanczak (Epiphany’s Executive Vice President and General Counsel) when asked if he could share the story of Epiphany’s humble beginning. “It all started on the dock January 1, 2004. Me with a notebook and pen and Russ (Epiphany’s President and CEO) brainstorming. It was a nice day of fishing, it was a nice day to start a business. He and I discussed the requests we received from around the world for a multi-vendor, multi-modality management system and put them on paper. We were in business by July. I asked, ‘What do you want to call it?’ Russ responded, ‘Epiphany.’”

Russ added some commentary on his motivation to start a new company. “I have always worked for smaller companies. After a small company I worked for was purchased by a global medical company, my ability to quickly resolve customer issues and enhancement requests went away. New development moved at a very slow pace. I knew our idea for Epiphany was too good to pass up."

“We formed a highly specialized team with a shared vision to provide a multi-vendor, multi-modality ECG management system. The team was comprised of engineers with over 30 years of experience in the medical device industry and clinical professionals who witnessed firsthand the daily workflow challenges clinical staff faced.”

Once a company of just a handful of talented and dedicated individuals with a plan and a passion, Epiphany now has 70 employees across the nation and abroad with its headquarters in Midlothian, VA and service and support center located in Durham, NC. Epiphany’s Cardio Server is the fastest growing ECG management system in the country with almost 1,000 hospitals using our product worldwide. We are proud to have hospital customers all over the US, as well as in Canada, South Africa, Australia, New Zealand, Malaysia, the Netherlands, the UK, Italy, and Switzerland.

Cardio Server was built with clinical customer requirements and hospital department workflow improvements in mind. As we celebrate our 15th year of business and the journey that has led to our success today, we thank our customers who have made our vision and our progress possible.

About Epiphany Healthcare: 
Epiphany Healthcare simplifies diverse clinical workflow using one consolidated EMR interface. Epiphany is committed to serving its customers’ needs through product innovation, the delivery of exceptional service, and an unwavering dedication to interoperability. Discover why Epiphany is the preferred provider when managing multi-vendor, multi-modality diagnostic test data. Contact us for more information.


Topics: Epiphany, ECG management

Epiphany's CERT Response – 8 December 2015

Posted by Jim Stanczak on December 8, 2015 at 4:42 PM


On 1 December 2015, the CERT Coordination Center (“CERT/CC”) issued Vulnerability Note VU#630239 (“Epiphany Cardio Server version 3.3 is vulnerable to SQL and LDAP injection.”  

The note described the following potential vulnerabilities to Epiphany’s Cardio Server version 3.3: 

CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2015-6537 “A SQL command may be inserted into the login page URL, causing the unauthenticated user to be logged in as an administrator.” and 

CWE-90: Improper Neutralization of Special Elements used in an LDAP Query ('LDAP Injection')
CVE-2015-6538 “An LDAP query may be inserted into the login page URL, causing Cardio Server to perform an LDAP query to the IP address of the attacker's choice.”  

These potential vulnerabilities were uncovered by penetration testing conducted by a 3rd party security firm. The testing was commissioned by a hospital on their Cardio Server 3.3 system. There is no evidence that either of these vulnerabilities were exploited on any of our installed systems around the world; there is no evidence that patient information was accessed or changed. A patch has been released for both of the potential vulnerabilities on affected versions.

Both vulnerabilities require that the attacker have a valid user name on the Cardio Server system. Customers with affected Cardio Server versions that have login screens exposed directly to the Internet may have a higher risk of exposure to this vulnerability.

Upon further review of these potential vulnerabilities, it has been determined that:

  • The SQL Injection vulnerability only affects Cardio Server version 3.3; and
  • The LDAP Injection vulnerability only affects Cardio Server version 3.3, 4.0 and 4.1.

Patches to eliminate these vulnerabilities for Cardio Server version 3.3, 4.0 and 4.1 are available from Epiphany Healthcare.  

1st Vulnerability Scenario—SQL Injection

“A SQL command may be inserted into the login page URL, causing the unauthenticated user to be logged in as an administrator.”

Vulnerability Mitigation

  • This potential vulnerability is only present in Cardio Server version 3.3. A patch to close the vulnerability is available. 

  • The potential vulnerability is limited to affected Cardio Server systems where a login page is displayed. If your facility uses a single sign-on solution that never presents the Cardio Server login screen to the user, this vulnerability does not apply.

2nd Vulnerability Scenario—LDAP Injection

“An LDAP query may be inserted into the login page URL, causing Cardio Server to perform an LDAP query to the IP address of the attacker's choice.”

Vulnerability Mitigation

  • This potential vulnerability may exist in Cardio Server versions 3.3, 4.0 and 4.1.  A patch to close the vulnerability exists for each version.

  • The potential vulnerability is limited to affected Cardio Server systems where the login page displays a domain-selection, drop-down menu. 

  • If your system does not display a domain-selection, drop-down menu on the login page, this vulnerability does not apply.

  • If your facility uses a single sign-on solution that never presents the Cardio Server login screen to the user, this vulnerability does not apply.


Epiphany takes its customers’ security seriously. We apologize for any inconvenience this may have caused. We have patches available for the above-named vulnerabilities. 

We have no evidence that any patient information was accessed. 

Most Cardio Server systems reside inside of our end-users’ firewalls with all the appropriate firewall protections that our end users deploy. Cardio Server login screens that are directly available from the internet are at higher risk.

Epiphany performs thorough verification and validation on each version release. Our last Cardio Server version release included ~5,000 test steps on six browsers totaling ~30,000 completed test steps.

If you are a Cardio Server 3.X customer and your system is running on Windows Server 2003, we highly recommend that you upgrade to Cardio Server version 5.0, which supports Windows Server 2008 R2 or Windows Server 2012 R2. We believe that any Cardio Server systems running under Windows Server 2003 are subject to potential security risks associated with the EOL status of Windows Server 2003.


Please contact Epiphany’s Vice President of Professional Services, Kelli Sudduth, with any questions you may have, including requesting patches for your Cardio Server. Kelli’s number is: (919) 354-5050 or

Topics: Epiphany, Cardio Server security, security, cert

Healthcare IT Demands Nothing Less Than Exceptional Customer Service

Posted by Allison Fawber on June 1, 2011 at 3:18 PM

As the business world moves faster every day, companies are finding it more and more difficult to keep up with the demands of customer service. Nowhere is this more evident than in the health information technology (“Health IT”) industry. Medical professionals rely more heavily on Health IT than ever because patient lives are at stake. It is imperative, therefore, that customer service in Health IT be exceptional.

Exceptional customer service in Health IT is time sensitive.customer service Companies that provide medical equipment and software need to offer 24/7/365 support in order to remain competitive and successful in the marketplace.

Epiphany Cardio understands the meaning of exceptional customer service. With 24/7/365 support in multiple time zones around the world and support technicians available at all times, Epiphany is a company that knows the importance of being there for our customers. We provide a highly educated and involved support staff that has a vested interest in supporting our customers.

Epiphany goes a step beyond what is expected for exceptional customer support with its new Customer Advocacy Program (“CAP”). The CAP program is designed to keep us in touch with our customers on a regular basis. Each Epiphany user has its own clinical resource, a CAP Representative. We offer web training for new users, answer questions and address needs from existing users, and assist in analyzing and solving workflow problems in the clinical environment. Our CAP initiative enables us to be proactive and act quickly when new demands are expressed.

At Epiphany, we welcome customer feedback; our customers are encouraged to share their suggestions for enhancing the current application. It is our goal to provide the best solutions to challenges our customers face in managing diagnostic test results.

As the healthcare industry continues to evolve at a record pace, it has become crucial for healthcare providers to rely on the customer service skills of their equipment and software providers. It is important not to settle for less than exceptional customer service. At Epiphany, “above-and-beyond” customer service is what we strive to provide.

Topics: Cardio Server, healthcare IT, Health IT, Epiphany, Customer Service, HealthIT

Subscribe to Our Blog

Recent Posts

Follow Us: