ISI Telemanagement Solutions doesn’t have a single medical doctor on staff. Even so, the company has a preoccupation with HIPAA compliance. Why the interest in the Health Insurance Portability and Accountability Act?
“Healthcare is our largest vertical,” says Mark McNeill, vice president of strategic marketing solutions for ISI. The Schaumburg, Ill., company helps businesses get the most out of their telecommunications investments and keep costs down.
Healthcare organizations — as well as ISI’s other large customer groups (legal, financial and retail) — tend to be major users of telecommunications services, McNeill points out. “It’s often a major expense line item for them,” he adds.
These ISI customers, particularly the healthcare and financial services providers, also traffic heavily in personally identifiable information. “Our clients are very, very concerned about data security, and in turn, this makes us very into data security,” he says.
ISI’s homegrown software tools and services provide pointers on how its 3,500 clients can reduce and manage their telecom spend. The reporting tools monitor and analyze telecom usage — the goal being to drive up productivity, ferret out abuse and identify trends.
Given increasing pressure on companies from federal mandates such as HIPAA, the Health IT for Economic and Clinical Health (HITECH) Act and Sarbanes–Oxley, ISI knew that it needed to ramp up its own data security. Bolstering data security certainly was a critical factor in the company’s decision a year ago to shutter its data center in Schaumburg and to host all of its systems at a CDW data center in Madison, Wis. Other factors included boosting systems availability, reducing the day-to-day management burden on the company’s two-person IT staff and controlling long-term IT costs without sacrificing access to emerging technologies.
“We’re no longer jeopardizing a major healthcare vertical revenue stream,” McNeill says.
This fall, ISI completed migration of its business systems to the CDW data center. Now, ISI leaders are looking at each of the company’s mission-critical applications, including its website, to maximize its return on investment.
The company first began thinking about how to overhaul the ISI infrastructure two years ago.
“We were out of capacity, and we needed a technology refresh,” says ISI Product Strategy Director Mitch Weiss, who led development of the hosting strategy.
Before the shift, he points out, the typical ISI server was 4 to 6 years old. The headquarters facility was also bumping up against its power capacity. Expanding the power grid would have been pricey, Weiss adds. Although ISI previously had a few systems running at the CDW facility, the bulk of its critical systems and services remained at the Schaumburg data center.
For the installation, CDW built out the new infrastructure, provisioned the servers, did the configuration — “and then we took over,” ISI IT Manager Al Degutis says.
The migration to the CDW equipment involved collapsing systems running on 24 stand-alone servers to virtual machines on four servers, and upgrading from an old Hitachi storage system to an IBM storage area network. “The IBM SAN has built-in hardware encryption that allows us to meet our customers’ needs,” Weiss says. “A HIPAA violation can result in penalties as high as $1 million for us and our customers, and we don’t want that.”
Besides being able to assure customers that its applications and systems won’t expose them to security risks, ISI also wanted to improve systems reliability. Uptime is vital for many of its customers, who depend on reliable access to ISI’s reporting tools.
“Our reporting can be the lifeblood for some customers,” McNeill says. “Being down for even five minutes is unacceptable, so we’re going for five nines of uptime.”
So far, the hosted environment is home to a half dozen VMs, Degutis says. “But we can support far more. Eventually, we may need to extend up to as many as 10,” he says. “The flexibility the virtual hosted environment offers is nice because we can adjust resources much more easily than before.”
Plus, the virtual environment has greatly reduced the impact on customers and the infrastructure, Degutis says. Previously, provisioning and configuring a new server could take days or weeks; now it can be done in a matter of minutes, he says.
“The financial savings also made hosting attractive,” McNeill says. ISI looked at other possibilities, such as moving to an in-house virtualized environment. But the cost was prohibitive given the project management and people skills required, he says.
The hosting agreement gives ISI options for adding new technology and services that it might not have if it opted to run the systems in house, Weiss says. “If CDW brings in new tools or services, ISI gets the benefits and CDW accepts the risks,” he says.
The arrangement also lets ISI keep its IT staff lean: Degutis and one other IT staff member still manage all systems. But this doesn’t mean the company is skill-deficient.
Weiss explains it simply: “It’s good to know that even though we try to be self-sufficient, there’s a team of certified and experienced engineers and experts in Madison ready whenever we might call.”