Az Computer Guru
Managed IT & Security · Tucson · Since 2001
Prepared for  Ashley Jensen
Cascades of Tucson · Business Office
Review date  June 24, 2026
Technology Plan Review

Where Cascades stands, and what comes next

A plain-language summary across the eight areas you asked to review: where each stands today, the open gaps, the action we will take, and when. The headline: the core systems are stable and backups are now verified, so the focus shifts from fixing risk to finishing the modernization already underway.

Priorities, in order
P1
Protect resident data (HIPAA) Finish the caregiver sign-in lockdown and switch on file-access audit logging on the resident-data share.
P2
Complete security coverage Bring every device, including the main server, under managed antivirus and remove the previous provider's leftover software.
P3
Server reliability & backup Backups are verified running. Restore the server's redundant power, install the SSDs already purchased, and plan the eventual server replacement.
P4
Microsoft 365 licensing Move 31 users onto the correct, current license before the suspended one lapses. Time sensitive.
P5
Phones & Wi-Fi Put the phones and the new resident-safety sensors on a dedicated, clean 5 GHz network for reliable calls.
P6
Looking ahead Set a practical AI use policy and build the reporting dashboard you requested.
The eight areas
01

Hardware & Software

Stable · planned upgrades
Where it stands

Core systems are stable. A live hardware check on June 24 confirmed the main server is healthy with all drives online and backups running (an earlier alarm turned out to be a self-corrected glitch). Microsoft 365 and the managed network are in place, and 12 staff PCs are already migrated onto the managed domain.

Gaps

The server is aging and currently running on one working power supply (its backup supply needs service). Several PCs run Windows Home and cannot join the managed domain until upgraded to Pro; a few are end-of-life. 31 users sit on a Microsoft license that has been suspended.

Our plan

Restore the second power supply; install the enterprise SSDs already on hand during a planned window; upgrade Home PCs to Pro and finish the migration; replace end-of-life PCs.

Timeline

Licensing now · upgrades near-term · server replacement a future project to scope together.

02

Communication Technology

On track
Where it stands

Email runs on Microsoft 365 with full sender authentication protecting your domain from spoofing. All 37 phone devices are consolidated onto a dedicated, isolated voice network, and a June Wi-Fi tune-up roughly halved wireless retransmissions building-wide.

Gaps

Some wireless handsets still attach to the congested 2.4 GHz band, causing occasional dropped calls. The phone vendor confirmed the handsets cannot be pinned to a band one by one.

Our plan

Stand up a clean, dedicated 5 GHz "device" network for the phones and safety sensors, which both vendors move their equipment onto remotely.

Timeline

Per-room coverage check next on-site visit · vendor switch-over shortly after.

03

Security for Sensitive Data

Strong · gaps closing
Where it stands

A modern, identity-based protection system is largely live. Caregiver accounts work only on-site and only on approved devices, so a stolen caregiver password is useless elsewhere. Office and clinical staff use multi-factor sign-in off-site, the clinical system (ALIS) uses single sign-on, and shared caregiver PCs auto-lock and sign out for privacy.

Gaps

File-access audit logging on the resident-data share is not yet switched on, and the long-term audit-retention storage is approved but not built. Emergency "break-glass" admin accounts and the signed agreement (BAA) with the clinical vendor still need finalizing.

Our plan

Enable audit logging and stand up retention storage (90 days live, 6 years archived); create break-glass accounts with security keys; confirm the ALIS agreement; complete the caregiver lockdown one device at a time.

Timeline

Audit logging and caregiver go-live are the immediate priority (P1).

04

Services Purchased or Contracted

Inventoried
Where it stands

Your technology vendors are inventoried: Microsoft 365, ALIS (clinical records), Vertical (phones), Cox (internet, fiber plus a backup line), MSP360 (cloud backup), Bitdefender (security), and your business applications (QuickBooks, Bill.com, Relias, You've Got Leads, TELS, Focus HR, Helpany, POS).

Gaps

The clinical-vendor business-associate agreement needs verifying, and there is no single calendar tracking renewals and agreements.

Our plan

Verify the ALIS agreement and build a one-page renewal and agreement tracker so nothing lapses unnoticed.

Timeline

Near-term, low effort.

05

Assistive Technology

In rollout
Where it stands

Cascades is rolling out Helpany "Paul" resident-safety sensors: ceiling-mounted radar devices that detect falls and motion. They use radar only, with no camera and no microphone, so resident privacy is fully preserved. Roll-out is floor by floor (floors 1 and 2 first). The clinical system and caregiver app round out the resident-facing technology.

Gaps

The sensors currently share Wi-Fi with other equipment; they belong on the dedicated, isolated device network described under Communication Technology.

Our plan

Move the sensors onto the new 5 GHz device network (the vendor transitions them remotely) and continue the floor-by-floor roll-out. If "assistive technology" should also cover nurse-call or accessibility systems, we will fold those in.

Timeline

Folded into the Wi-Fi device-network work above.

06

Disaster Recovery & Continuity

Improved
Where it stands

Cloud backup is now running and verified on June 24: the last backup succeeded, about 576 GB is protected off-site, and daily changes are captured. This closed a long-standing gap. June's planned power outage was handled with a clean, scripted shutdown and a verified recovery, proving the procedure works.

Gaps

We need to confirm the backup is a full system image (not files alone) so the server could be rebuilt quickly after a total failure. The facility still relies on a single primary server, so there is no automatic failover yet.

Our plan

Confirm or extend backups to full-image, run a test restore, document a written recovery plan with target recovery times, and add server redundancy with the modernization project.

Timeline

Backup confirmation and test restore near-term · redundancy with the server project.

07

Malware Prevention & Virus Protection

Needs consolidation
Where it stands

Managed antivirus (Bitdefender) protects endpoints, with Microsoft Defender and email filtering guarding inboxes.

Gaps

Coverage is not yet universal. Notably the main server is not under managed antivirus, and leftover software from the previous IT provider is still installed and should be removed.

Our plan

Enroll the main server and all remaining PCs into managed antivirus, remove the previous provider's leftover agents, and run a coverage audit so every device reports in.

Timeline

Near-term · exact coverage numbers confirmed before the meeting.

08

Use of AI

Opportunity · policy first
Where it stands

No AI system is in production at Cascades today. The nearest active item is the reporting (KPI) dashboard you requested, which will pull key numbers from ALIS, QuickBooks, Bill.com and others into a single view.

Gaps

There is no staff policy yet for using public AI tools, which is a data-privacy risk in a healthcare setting.

Our plan

Draft a short, practical AI acceptable-use policy first; then evaluate Microsoft 365 Copilot with healthcare safeguards; and advance the reporting dashboard as the sanctioned path.

Timeline

Policy is quick · dashboard proceeds once you confirm the first key metrics.