Three separate EHRs, a legacy data warehouse, and HIPAA risk findings from a prior OCR investigation. We unified the clinical data environment, documented every PHI flow, and passed the follow-up federal review.
A 12-hospital regional health system was operating clinical and operational data across three separate EHR platforms, a legacy on-premises data warehouse, and two third-party analytics vendors. Patient data was moving between these systems through unsecured integration patterns, including unencrypted sFTP transfers that had been flagged in a HIPAA risk assessment.
The health system had been the subject of a prior HHS Office for Civil Rights investigation and had signed a resolution agreement requiring remediation of specific technical safeguard deficiencies within an 18-month window. The OCR follow-up review was scheduled. The migration and integration work was not optional.
The OCR resolution agreement identified three specific deficiencies: inadequate technical access controls on PHI systems, insufficient audit logging of PHI access, and unencrypted PHI in transit between systems. Each had a remediation requirement with a deadline. Non-compliance at the follow-up review would trigger escalated enforcement.
Simultaneously, the clinical informatics team had an initiative to deploy AI-assisted documentation to reduce physician administrative burden, a priority for retention and burnout reasons. But deploying AI that touched PHI required the secure foundation to be in place first. The two workstreams were sequentially dependent, compressing the effective timeline for the AI work.
The sequencing was deliberate: establish the HIPAA-compliant cloud foundation, replace every insecure integration pattern, then layer the clinical data platform and AI capabilities on top. No PHI touched the new environment until the boundary was complete and verified.
All three HIPAA resolution agreement deficiencies were remediated and documented before the OCR follow-up review. The health system passed the review without findings. The OCR investigator specifically noted the completeness of the PHI access audit trail as meeting the resolution agreement requirements in full.
All three EHRs are now integrated via FHIR R4, with duplicate patient records reduced 94% through identity matching. Clinical documentation time for physicians in the Otonmi pilot cohort dropped 28%, a result the Chief Medical Officer cited in a retention context with the medical staff committee. Zero PHI incidents have occurred in the post-migration environment.
All three HIPAA resolution agreement deficiencies remediated. PHI access audit trail cited by OCR investigator as fully compliant.
Legacy sFTP transfers fully replaced. Unencrypted PHI in transit eliminated. Patient duplicate records reduced 94%.
For the 340-physician Otonmi pilot cohort, post-encounter documentation time reduced 28%. Cited by CMO in physician retention context.
No unauthorized access, no PHI in transit violations, no audit logging gaps since migration completion.
VPC with PHI boundary controls, encryption at rest and in transit, CloudTrail, AWS Audit Manager, GuardDuty. BAA executed. Private subnets for all PHI workloads.
FHIR R4 APIs for Epic, Cerner, and Meditech. AWS HealthLake as the FHIR data store. Probabilistic patient identity matching across all three systems.
Clinical documentation assistant operating entirely inside the PHI boundary. Reads FHIR-structured patient data to pre-populate note templates. No PHI egresses to external model endpoints.
HIPAA-compliant cloud, HL7 FHIR, clinical data platforms, and AI deployment for health systems and life sciences.
HIPAA-eligible cloud architecture, landing zones, encryption, and compliance documentation from a senior-led team.
Federal, financial services, healthcare, and defense delivery records across cloud, data, AI, and staffing.
Bring the compliance requirement or platform challenge. We return with a written approach covering PHI boundary design, integration architecture, and a realistic timeline.