Orion Networks Helps HCNA Overhaul IT Infrastructure And Achieve HIPAA Compliance
The margin for error in the healthcare sector is razor-thin when it comes to compliance and data security. In light of HIPAA and its many strictures, it’s more important than ever that you confidently manage your compliance practices.
The fact is that, as technology changes, so do the regulations that govern it. Modern healthcare organizations need to carefully manage and maintain their IT systems to support their HIPAA compliance efforts.
That’s why The Heart Center of Northern Anne Arundel County (HCNA) first got in touch with Orion Networks.
Download our complete case study here
HCNA’s Previous IT Support Was Inconsistent
“Prior to Orion Networks coming on, we had just one IT person,” says Jessica Beasley, Office Manager, HCNA. “He wasn’t readily available when our systems would go down.”
Before partnering with Orion Networks, HCNA was relying on an IT support provider that couldn’t always be there when they needed them. As an independent service technician, this support provider split their time between multiple clients. This meant that whenever HCNA had an issue, they often had to wait hours until they could get it resolved.
“We would call and they would come in three hours later,” says Jessica.
This was a serious issue for HCNA. As a medical organization, they need constant access to their data in order to care for patients properly.
“We’re a doctor’s office — when we don’t have any Internet, everything shuts down,” says Jessica. “That’s a huge thing for us.”
Furthermore, HCNA knew they needed to get started on system-wide upgrades at some point. They had been struggling with poor infrastructure performance for years, but they weren’t confident their current IT support provider would be able to handle that size of a project.
That’s When HCNA Called Orion Networks
Recognizing their need for both more responsive support and a partner capable of managing a major infrastructure overhaul, HCNA began looking for superior Tech Support. A team member researched their options in the area and eventually decided to get in touch with Orion Networks.
“From there we called them in and started a relationship,” says Jessica.
HCNA Needed To Completely Redesign And Deploy Their Infrastructure
“We would be so slow because our server couldn’t handle the number of people that were on it,” says Jessica.
HCNA had a number of requirements for this infrastructure project:
- HIPAA Compliance And Protected Health Information (PHI) Security: Their primary goal was ensuring their new IT environment would be fully compliant with HIPAA regulations. This meant deploying a series of security solutions that will effectively defend PHI.
- Improving IT Infrastructure: In designing a new IT environment, HCNA wanted to make sure they had both preventative technologies and continuity solutions in place. Assets such as access control, encryption, and disaster recovery solutions are necessary to protect them both before and after a security incident
- IT Network Modernization: Lastly, any infrastructure upgrade is a chance to further modernize the systems HCNA’s staff uses every day.
What Problems Did Orion Networks Solve For HCNA?
“Orion Networks put us in the place we needed to be,” says Jessica.
In our assessment of their current systems, Orion Networks identified a series of security vulnerabilities and other issues:
- Most workstations were configured in a workgroup environment, and had no password protection or implemented security policies.
- A number of vendor-specific machines were still on the Windows 7 environment which had reached end-of-life years ago.
- Data was stored in several different places with varying degrees of security (or none whatsoever). They lacked User Security Policies, which made it possible for a user to accidentally expose the network to malware and other threats.
- They had no Disaster Recovery plans in place, leaving them at serious risk of permanent data loss.
- Once our assessment was complete, Orion Networks began planning this client’s new environment. We arranged for solutions to each of their problems, while also keeping their original priorities for the project in mind.
- We migrated their systems (vendor-specific and otherwise) to new Windows 10-supported software. In one instance, where the specific software was not compatible with Windows 10, we worked with HCNA to find a suitable alternative.
- We created a Microsoft Active Directory Domain with user and password policies to properly secure access to PHI.
- We arranged for a central file server in which to host critical HCNA data, complete with secure and encrypted sharing capabilities.
- We overhauled their network, installed a firewall solution, and managed network devices for controlled access to the work.
- We created and deployed robust backup policies to secure their data both on-prem and at offsite locations, ensuring their disaster recovery capabilities.
What Solutions Did Orion Networks Use For This Project?
“We are a hundred times better,” says Jessica. “Just the speed alone is fantastic.”
The Orion Networks team deployed a range of industry-leading cybersecurity solutions to ensure that HCNA’s PHI would be properly protected:
- Microsoft technologies:
- Active Directory
- Group Policy
- Print Server
- Azure
- SonicWALL Firewall Threat Security Module with Comprehensive Gateway Security Suite
- ESET Cyber Threat Security
- Nexpose Vulnerability and Penetration Testing
We also helped HCNA implement a series of cybersecurity best practices to make sure the new infrastructure would be properly maintained:
- Patch Management: Did you know that the most common way cybercriminals get into a network is through loopholes in popular software, applications, and programs? Despite how advanced modern software is, it is still designed by humans, and the fact is that humans make mistakes. Due to this, much of the software organizations rely on to get work done every day could have flaws — or “exploits” — that leave you vulnerable to security breaches. Many of the most common malware and viruses used by cybercriminals today are based on exploiting those programming flaws; to address this, developers regularly release software patches and updates to fix those flaws and protect the users. This is why it’s imperative for our team to keep this client’s applications and systems up to date.
- Penetration Testing: The penetration test is an authorized attack on the organization’s technology and staff. It is one of the best ways to accurately evaluate their security controls. In combination with a red team exercise (in which a full-scope attack simulation is executed to test organizational security), we can double-check each and every aspect of this client’s cybersecurity posture.
What Was The Result For HCNA?
HCNA’s infrastructure is not only more secure but with the standardization and methodical implementation of best practices, they have seen over 60% reduction in day-to-day IT issues. This previously unattainable level of functionality allows HCNA’s team to be more productive and considerably increase the quality of care they provide to their patients.
Furthermore, their infrastructure is now fully HIPAA compliant. They are able to implement policies and fixes in a timely manner, helping them to keep up with the adapting nature of cybercrime.
In light of the success of this infrastructure project, HCNA hired Orion Networks to continue providing a range of key services on an ongoing basis:
- Ongoing Technology Operation Management
- Infrastructure Support with Helpdesk availability
- HIPAA Security Consulting and implementation
- Technology Consulting and Strategy
“They’re HIPAA compliant, and they even keep me updated on HIPAA,” says Jessica.
In addition to ensuring their infrastructure is in line with their compliance needs, Orion Networks also helps HCNA’s staff stay compliant. When a new course or resource is made available to the public, Orion Networks makes sure the HCNA staff is aware of it, and encourages them to take advantage of it.
Orion Networks Is HCNA’s Reliable Support Partner
“I’ve called at 7 PM at night and they’re there on the phone with me,” says Jessica. “There’s always someone to answer — they’re fantastic.”
Orion Networks delivers responsive and effective support every day for the HCNA team. We ensure their IT is working, whether that means solving a quick problem over Live Chat, or getting on the phone with one of the vendors so they don’t need to.
“I don’t have to sit on the phone with our provider,” says Jessica. “Orion Networks calls them and gets them on the phone and does the work behind the scenes.”
The Orion Networks team is proud to play a small part in HCNA’s mission. By making sure their IT is functional and cost-effective, the Orion Networks team helps this client care for their patients.