Case Study: Medical Office
One of our clients, a Medical Office located in Pinehurst, hired our firm in 2015 for IT Managed Services. They were facing issues in five major areas: network capacity issues, server and application crashes, rudimentary desktop support, third party service cost overruns, and a lack of web presence. The most pressing matter was network capacity and servers/applications crashing on a constant basis. After our initial audit, it was discovered that the previous two providers had improperly configured the Active Directory domain and Exchange server, as well as the EHR (Electronic Health Record) and patient billing servers. As Active Directory is the backbone for the network, we started there and elevated the domain to operational status, configured DNS properly, fixed replication, cleaned up groups and user accounts, and re-installed Exchange to resolve the issues. We then worked with the EHR and patient billing software providers to properly configure their applications and SQL databases, including optimization tuning and setting up disaster recovery. Once the servers were stable, we looked at the network devices – the routers/firewalls and switches – and found that they were setup with default factory values (again from the previous providers) and immediate action was taken to setup them up properly and in compliance with HIPAA regulations.
Once the network and servers were stable and convergent, we implemented full desktop support and maintenance plans to alleviate the daily desktop user issues. These were brought down to minimal incidents per month instead of daily occurrences.
Our team also worked hand in hand with their accounting and billing department to help identify recurring charges on their bank account for IT services that were no longer in use, never used, and no longer applicable. At the end of the audit, we saved this client close to $500 in monthly recurring charges on services they did not require.
We then built out a new web site for them, along with providing robust web hosting, and designed a patient portal for patients to interact with the office providers and request appointments, medical forms, and other information. Once all was completed, we worked with their local HIPAA representative to perform a full audit on the network, services, users, and site in order to pass their HIPAA compliance.