Macs in a medical practice

[DJLC]

I'm the tech guy at a cosmetic medical practice with less than ten employees. The doc is finally interested in replacing our computers, and I'm thinking about switching the office to Mac. I'm wondering if the setup I envision even makes sense, or if maybe I'm biting off more than I can chew. Any feedback is welcome.

Right now we have seven workstations (Win XP) and a server running Windows Server 2003 and SQL Server 2005. We use a total of four medical programs. Everything is locked down with GPOs, and we provide remote access (Terminal Services / RDP) for staff.

Our upgrade plan as it stands includes new medical software, which replaces three of our old programs. The new system uses PostgreSQL, and we'll be keeping one program that uses MS SQL.

The setup I envision involves keeping one Windows workstation and replacing the other six with Mac Minis. (The one Windows workstation is used to take before/after photos; since it only runs this one program, there's no point in replacing it.) We would also replace the server with a Mac Mini Server and upgrade to a gigabit switch. OS X server would handle basic network functions (DHCP, file sharing, etc) and also run Windows Server 2008 via Parallels. On the workstations, OS X would be used for basic office functions, while virtual machines running Windows 7 would be utilized strictly for the medical software.

I expect that I'll run Open Directory on the Mac server so that I'm able to create security profiles for the Macs (GPO in Windows land -- unsure what to call it here). The virtual machines on the workstation would be locked down with a GPO and would only be able to run our medical programs.

In an ideal world we would have a standard virtual disk for the workstations so that we can easily recover from any Windows-based issues (which means it's ideal for them NOT to join an AD domain). The documents on each workstation would backup to the server via Time Machine, and the server would then back itself up with Time Machine to an external drive. It'd also be nice to make a standard image for the Macs so office staff could easily re-image a workstation via NetBoot in case of an issue.

The problems / questions I see:
1) Do I need to make the virtual Windows Server run Active Directory to provide a GPO for the workstation virtual machines / the one remaining PC, or can OS X Server handle this functionality? Or does it make more sense to utilize local GPOs and forget AD entirely?
2) Windows Server will obviously have to handle the MS SQL based program (as well as its special license server app, which can run on the one remaining PC if Parallels doesn't like the USB license key). Should the PostgreSQL server be in Windows or Mac? (Only Windows would access this service.)
3) We need some means of remote login for the medical programs; should the virtual Windows server just run Terminal Services / RDP, or does Mac OS X Server provide an easier way?
4) We currently login to all workstations using the same AD account. Is this okay in the land of OpenDirectory, or should each workstation have a unique OD account? And, if we do continue to use just one account, would it be better to put the home folder on the server, or to backup the home folder from each workstation to the server via Time Machine?

I'm not very experienced with Mac OS X Server, but I do have experience with administrating Windows Server, Windows XP / 7, and Mac OS X. Like I said, all feedback is welcome. Thanks!

 

[santoslo]

This is a very complex setup...

DJLC,

The setup you are trying is very complex. My recommendation is to visit the local Apple store and speak with a rep that handles professional setups such as yours.

Another consideration is that the system complies with HIPAA standards, if it applies. But honestly, the better path is to stay with Windows machines because the software is Windows only and Windows PCs are cheaper. Plus, you will only be working in one environment, and not two under Apple and virtual PC.

Now, don't get me wrong, I am a Mac guy, but I have to admit that working on a Mac using virtual PC software is not the same as using a physical PC. Or, how about this, what if you still insisted in getting the Mac Mini's but ran the software under Bootcamp instead, that way you can run the software using the full power of the Intel processor. This setup will also allow your company make a smooth software transition if the software became available for Mac.

 

[DustinT]

I think Santasio put it well, this is a very complicated setup. I love Macs as much as anyone, but trying to virtualize a Windows environment like you talking about it more than double the work. If you could move the practice to a medical software that's Mac native, go for it. If you can move the practice to a SAAS solution, go for the Macs. But, running all those VM's uses more resources than needed and really complicates things for your users. If you really like the Mac Mini's for some reason, just use Bootcamp and make'em boot into Windows. Your users will thank you!

Oh, and definitely talk to the Mac Business Specialist locally, they will have more options for you.

 

[DJLC]

You both make good points. Honestly, the main reason we were looking at the Mac Minis is because they're actually cheaper than similar small business machines available from both Lenovo and Dell -- an i3 from both companies is more expensive than the Mac Mini i5 at $599. I also thought that with Time Machine, backups would be much more reliable and easier to manage. To be honest, I don't trust Symantec BackupExec packaging all our stuff into little proprietary files.

My thought on virtualization was to use the medical software in coherence mode, so it would be nearly transparent for office staff. In an ideal world, the virtualized Windows server would only be running MS SQL. But I'd have to play around and make sure the programs run correctly in this mode. I did recommend a switch to Eden, a Mac-based SaaS option. But even with this, the program that handles before and after photos (Canfield Mirror) cannot be replaced; there's simply nothing else like it available that I'm aware of.

I'll continue to research. Meanwhile, I did already give my boss a proposal outlining costs for Mac Minis, as well as several options for new PCs. I expect him to make his decision next week sometime. If he does go Mac, I'll likely play with this setup as proposed, but if it gets out of hand I can always just Bootcamp everything.

 

[macsmurf]

In any case you'll need to manage Windows. The fact that the machines are virtual doesn't change that. You also need a backup scheme. Time Machine does not backup Windows virtual machines in a reasonable manner.

Mac minis might be a cheap option for you but they can run Windows via Boot camp so that does not seem to be a compelling argument to run OS X

My question is: What is the added benefit of running OS X alongside Windows in this case? You seem to have experience with managing Windows in a business environment. There should be a very good reason for switching to a new and untested platform.

 

[DJLC]

I look at virtualization as a valid option because it sandboxes Windows entirely. Although this isn't entirely necessary, I feel like it would streamline the repair of Windows issues. On a workstation, I could simply replace the virtual machine with a copy of one from a working workstation. I don't know, a fun idea, but maybe a little too much.

MacPractice looks very enticing. Can you attest to it being a viable replacement for Canfield Mirror (formerly Canfield DermaGraphix)?

 

[Ccrew]

Can't do GPO without a domain, so that means AD and DNS will need to be on the Windows box

 

[Sirolway]

Hosting a database on a virtual machine is not ideal - they like to take over the physical hardware so you'd be better having a Windows Server somewhere (even if it's running on Mac mini hardware installed with Windows).

You could then possibly use remote desktop (VNC?) to give your Mac users a Windows session when they need it for a Windows-specific bit of software. I seem to recall Windows Server 2008 enables you to host virtual remote sessions, which might be useful.

But if you did that, I'd be inclined to have 1x Windows Mac mini with the database & 1x Windows Mac mini with the virtual sessions.

It might be a good idea to introduce 1x OS X Mac now to see how the users get on with them - you want to sell it hard & hold their hand so that you get an evangelist; these switches are most successful when the business 'pulls' (i.e. demands) them, rather than when IT 'pushes' them on people ..

Do you have any home-Mac fans amongst the users already? Perhaps they could be your guinea pig...

 

[DJLC]

CCrew: This is true, although I could do a local GPO. Although that would more or less lock me out of the virtual machine.

Sirolway: We have a few Mac fans, and the doctor / owner is absolutely in love with his new iPhone and iPad. Medical software aside, I really think it's the right move for our staff. It will make it easier for them to handle everyday office tasks. Plus, a bunch of Mac Minis or iMacs would be absolutely gorgeous in our office, which is designed to be very relaxing, elegant, and spa-like.

Perhaps the best option, if we do keep the Windows software, would be this: keep the existing Windows Server for MS SQL, AD, and GPO. OS X Server could run a separate OD domain for the Macs or become the PDC. I will say, however, that if the quote I requested for MacPractice comes back as being similar to the cost of the Windows software, we'll probably go that direction.

 

[hvfsl]

Also what are you planning to do with your email? If you are currently using exchange on that Windows server, I would keep it on there (as it has a lot of features to do with mailbox sharing/permissions that other email servers don't have). But if you really want to move away from MS, considering you have only a few users, I would look at going googlemail (you can use your domain name). IIRC it is free for up to 25 users. Plus they offer some pretty nice tools to migrate from exchange.

 

[DJLC]

Wirelessly posted (Mozilla/5.0 (iPhone; CPU iPhone OS 5_0_1 like Mac OS X) AppleWebKit/534.46 (KHTML, like Gecko) Version/5.1 Mobile/9A405 Safari/7534.48.3)

No worries with email. I've kept all our web stuff entirely independent from the Windows server, and we've been using Google mail for a number of years now.

 

[drpiety]

Interesting thread, I am head and neck surgeon with my plastic surgeon wife and we have the same problem. Canfield mirror, awful support at least in Europe and highly overpriced, is important to us too. Until my German practice software is not making an OSX version I am completely tied to windows which I hate from the bottom of my heart, feeling like a betatester since windows 3.1. Until OSX and Apple win much more floor on the market I don't see a possibility for me to change servers. I am running a 2003 server with XP clients. And I also need German software, everything is too specific considering insurance etc. here. I run parallels on some Imacs and XP there as when I upgrade PCs I am replacing them with macs. (XP does not run on bootcamp on latest Imacs anymore)

 

[Eric M]

Virtualize everything?

...and how about getting 1 decent server and just run W7 VMs for each workstation in use so they can use RDP (or Splashtop) on their MACs and just connect to their assigned VMs?
This solution gives you freedom to use whatever hardware platform you want and at the same time offers snapshot backups and the ability to use GPOs to enforce policies on the Windows network.
The free ESXi5/VSphere5 option can do all that and more.

I did something similar not so long ago for a customer switching to MACs in the surgery - replaced all old workstations with iMacs (the cheapest £999 versions) and replaced old server infrastructure with a new Dell PowerEdge +Qnap Rack-mountable NAS. At the end it worked out probably about a £1000 over the budget but the customer already saved that much on support calls...
Just my 2p

 

[wilsonlaidlaw]

Lack of medical practice management software for Mac

We are just in the process of trying to computerise my wife's Physiotherapy practice. We have been all Mac for years and are not about to change. We currently only run simple billing and separate accounting software. We want the individual practitioners to use iPads with styli which will save to the cloud for their patient noting. This is proceeding fine and will solve the patient note issue within a few months once development is finished.

What we don't have is a European orientated integrated practice management software, which will handle the diary, billing and accounting. We would want to have a link to patient note system running on the iPads/cloud as well. There are a number of Windoze programs which will handle this but as far as I can find, nothing for Mac. The US programs are of very limited use, due to the very different billing and accounting systems in use there. Any suggestions anyone?

 

[sml307]

Mac EMR and Canfield Mirror

Really interesting thread. I am a doc joining a plastic surgery practice that has no EMR. They use nextech for scheduling and they use Canfield Mirror for photo mgmt. They are PC-based. I would like to move to Macs. Any thoughts on best Mac or web-based EMRs? And any way to get them to interface with Canfield system? Thanks.

 

[pertusis1]

Look at macpractice. It is a really slick product for a smallish practice.

 

[DJLC]

Here's my update...

The boss likes to drag his feet a little, so we haven't actually bought anything (except for a super awesome Meraki firewall / WAP). We looked at MacPractice, but the costs to switch and import all our data are prohibitive (>$20k). In addition, although it can handle before/after images to an extent, it isn't ideal. The MP imaging functionality is designed for x-rays. That said, the boss has switched to Mac personally, and is sold on the benefits of having Macs in his business.

The plan at this point is to upgrade to the latest SOAPware because we can take advantage of upgrade pricing. We'll keep Canfield Mirror on board to handle before / after images. I've heard unofficially from a SOAPware reseller that there are some SOAP techs that run the software in VMs on Mac with good results. I did mention the idea to Canfield, who wasn't at all supportive, but preliminary testing shows that it does work.

Meanwhile, I have successfully transitioned two other medical practices to Mac. They both use a combo of iMacs and Mac Minis with the medical software running in virtualized Windows XP. They have full Windows 2003 servers to hand out GPOs and serve the databases. After some "switching pains," the office staff love their Macs! They've been running this setup for almost a year.

From my side, it's easier to administer. If a medical app is acting up, I can just copy a fresh VM over. I don't have to waste any time mucking around with Windows issues. It's also inherently more secure — Windows isn't being used to browse the web or open emails. I can confirm that SOAPware, Medisoft, and Office Hours run well in a virtualized environment — including in Parallels' Coherence mode.

I will mention that we've had a little trouble with Windows dropping the network connection when the Mac goes to sleep. It's not that this behavior is unexpected, but if medical software is left open it results in a loop of error messages. We've also had trouble with reliability when there's only one network connection; luckily I've been able to give most the Macs both gigE and wifi connections. Finally, I'll note that I've been binding the VMs to the AD domain, but not the Macs.

I understand that this setup is perhaps more complicated than running the offices on PCs, but I think the pros outweigh the cons. In addition, the doctors that own these businesses like to keep stuff for a LONG time; these Macs will age more gracefully than any PC on the market. The practice that inspired this thread is running on hardware that's nearly a decade old. The two offices that have switched call me a LOT less; admittedly I did shoot myself in the foot from a money-making perspective, but my time is becoming more limited.

Really interesting thread. I am a doc joining a plastic surgery practice that has no EMR. They use nextech for scheduling and they use Canfield Mirror for photo mgmt. They are PC-based. I would like to move to Macs. Any thoughts on best Mac or web-based EMRs? And any way to get them to interface with Canfield system? Thanks.

If you have no EMR, I recommend MacPractice or SOAPware for EMR. MP will cost you more, but is Mac native. SOAPware will be a little less, but is less "cool" and would need to be virtualized (although this is a non-issue as mentioned above). Both are good solutions, and both handle EMR, scheduling, and billing (including insurace). That said, I also recommend you keep Canfield Mirror on board. There really is no replacement that I know of. I am not aware of a way to link Mirror to anything; although I'm sure it can be done, this practice already has 10+ years of records segmented into three different databases (two MSSQL, one Advantage). That said, I'm not confident Mirror would link to MP or SOAP; Mirror is MSSQL based, MP I think is PostgreSQL, and SOAPware has transitioned from MSSQL to PostgreSQL.