PE-supported dental practice network - strategy development for generating savings potentials and KZBV conformity in IT operations​

• Establishment of a cloud-based IT infrastructure for a network of medical practices

• Establishment of necessary policies according to regulatory requirements

• Support of the roll-out with existing service provider network

Initial situation

A private equity and owner-managed group of medical practices pursues a buy-and-build strategy. The IT of the practices is largely managed decentrally and both the heterogeneity and the complexity increase with each additional practice. Moreover, in addition to already established requirements such as the DSGVO, a new level of regulatory standards has been set with the IT security guideline. To ensure growth, an evaluation of the existing service provider network and the association-wide IT structures is necessary.

COREprocedure

Proof of concept piloting of the infrastructure setup

• Development of central infrastructure components
• Migration of the first practices and the group headquarters to central structures and establishment of an overarching Active Directory
• Development of a migration "cook-book" as a basis for future roll-outs

Evaluation of the practices and IT security

• Assessing local IT infrastructures and existing security measures within the practices and conducting interviews
• Development of an IT security concept for the new target setup
• Carrying out a penetration test

Development of a compliance framework

• Provision and introduction of elementary policies and regulations
• Preparation for the implementation of an external compliance audit
• Evaluation of a tool-based compliance management

Benefits for clients

• Establishment of a scalable platform for professionalisation along the dimensions of quality, IT security and compliance
• Compliance with regulatory requirements
• Centralised control in the area of IT within a constantly growing network of practices