How a 12-location dental group cut email spend by ~$45K/year and closed every HIPAA gap
12-location dental group · ~140 staff · East TN
The challenge
Where they started.
Microsoft 365 lived on a reseller account with no admin portal access, no Conditional Access, no Intune, and no path to wire EDR into identity. HIPAA risk analysis was 18 months overdue. Imaging traffic was choking the office network during peak hours. Backups existed but had never been restored.
Specific pain points
- Reseller-locked Microsoft 365 with 3.4× retail licensing markup
- HIPAA risk analysis 18 months overdue, no documented WISP
- X-ray and CBCT imaging waited 30–90 seconds per file at peak
- Backups untested — practice manager wasn't sure if they actually ran
- Three staff with permanent domain admin rights, none documented
The approach
What we did.
Phased rollout across 4 weekends, starting with the smallest location to derisk. Migrated mailboxes via M365 coexistence (zero downtime), tightened identity and endpoint posture, redesigned the imaging path, and produced HIPAA documentation auditors actually accept.
What we delivered
- Direct Microsoft 365 tenant with all mailboxes migrated via coexistence
- Intune endpoint management deployed across every workstation
- Phishing-resistant MFA + Conditional Access enforced firm-wide
- EDR (CrowdStrike Falcon) on every endpoint, tuned and monitored
- Imaging VLAN + QoS rules; replaced two aging switches that were the real bottleneck
- Immutable Datto backup of Dentrix databases with quarterly restore drills
- HIPAA Written Information Security Plan, evidence binder, and training logs
The outcomes
What changed.
First HIPAA audit prep cycle after the engagement closed in days, not weeks. Imaging speed improvement was the change clinical staff noticed first. Domain admin rights now scoped to two named accounts.
- ~$45KAnnual licensing reduction
- ~3×Imaging throughput improvement
- 100%HIPAA evidence binder coverage
- 4h / 15mDocumented backup RTO / RPO
- 3 → 2 (named, MFA)Staff with domain admin rights
“We thought we were paying Microsoft. We were paying triple for less. Equal Tech moved us, ran HIPAA prep, and closed every audit gap before our next review.”
Services involved
The Equal Tech stack behind this engagement.
Managed IT
Proactive monitoring, patching, and unlimited help-desk for desktops, laptops, and end users — flat-fee per seat.
Cybersecurity
Endpoint detection, dark-web monitoring, phishing-resistant MFA, and security awareness training — built for SMBs.
Cloud Services
Microsoft 365, Azure, Google Workspace, hybrid infrastructure, VDI, and immutable cloud backup — designed and operated end-to-end.
Network Support
Business-class Wi-Fi, firewalls, SD-WAN, VLAN segmentation, and 24/7 monitoring for offices and multi-site operations.
More case studies
Other engagements worth a read.
CPA firm: FTC Safeguards + tax-season scaling
A Knoxville CPA firm running into FTC Safeguards Rule deadlines AND chronic tax-season RDS slowdowns. We built the WISP, moved tax-software workloads to Windows 365 for elastic scaling, and tightened identity. First tax season under the new setup was their fastest ever.
Manufacturer: CMMC readiness + ransomware recovery
A North GA aerospace parts manufacturer lost a contract because they couldn't demonstrate CMMC Level 2 readiness, then got hit with ransomware via a SaaS vendor. We segmented OT/IT, delivered the 110 NIST 800-171 controls, stood up immutable backup. They re-qualified for the contract and contained a follow-up attack in 90 minutes.
Ready when you are
Let's talk about your IT.
A 30-minute call is all it takes to know whether we're the right partner. No pressure, no jargon, no obligation.
What to expect
- 130-minute discovery call
We listen first — your environment, pain points, and goals.
- 2Free IT assessment
Senior engineer reviews your stack and flags real risks.
- 3Plain-English roadmap
Clear scope, clear pricing. Walk away with a plan, not a pitch.