Solo contractor delivering complete network and security stack deployments across 4 healthcare clinic sites across Ontario and British Columbia — Unifi infrastructure, Datto RMM, EDR rollout, legacy server resolution, and zero unresolved critical issues at project handoff on every engagement.
| Field | Detail |
|---|---|
| Client | Regional MSP — healthcare clinic chain (anonymized) |
| Scope | 4 clinic sites: 2 in Ontario · 2 in British Columbia |
| Role | Solo on-site contractor — full deployment ownership |
| Deliverables | Network refresh, EDR rollout, RMM onboarding, legacy issue resolution, documentation |
| Outcome | Zero unresolved critical issues at handoff on all 4 engagements |
| Tools | Unifi Cloud Gateway, UniFi switches/APs, Datto RMM, EDR/AV platform, Windows Server, Practice Management Software |
Engaged by a regional MSP as an independent contractor to execute on-site infrastructure deployments and remediation at healthcare clinic locations. Each engagement was scoped, scheduled, and executed independently — no senior technician on-site, no local IT contact at the client. Remote BC sites required advance equipment shipping and pre-agreed deployment windows with the clinic. Every site required full technical ownership from equipment installation through to stakeholder sign-off and formal written documentation of every resolution.
Healthcare clinic environments present unique IT challenges: clinical software integrates directly with imaging hardware, payment terminals, and practice management systems — all of which must remain operational during and after any network change. Downtime directly impacts patient scheduling and revenue. Every engagement was planned around maintaining clinical continuity with zero disruption to patient care.
Every site had pre-existing technical debt that required diagnosis and resolution before the new infrastructure could be stood up cleanly. The most common category was legacy Windows Server architecture causing domain-join failures — workstations unable to authenticate to the domain due to DNS misconfiguration, stale AD objects, or outdated server configurations.
| Issue | Root Cause | Resolution |
|---|---|---|
| Domain-joined devices failing to authenticate | DNS pointing to incorrect/stale DC; stale AD computer objects with conflicting records | Corrected primary DNS on affected workstations; flushed and re-registered DNS; cleaned stale AD objects; rejoined affected machines |
| Clinical tablets not connecting post-cutover | VLAN assignment mismatch after network migration; device firmware assuming flat network | Corrected VLAN tag on switchport; verified NIC config; confirmed practice management software connectivity |
| Imaging hardware connectivity loss | Imaging software bound to previous router IP; DHCP scope changed during migration | Assigned static IP reservation in gateway DHCP; updated software network config; verified imaging connectivity with clinic staff |
| Payment terminals offline | Terminal required specific firewall outbound rules for payment gateway | Identified required destination ports via vendor documentation; created targeted outbound allow rules; tested live transaction |
| Practice management software failing to load | SSL inspection on new gateway blocking vendor CDN endpoints | Added vendor domain exceptions to SSL inspection policy; verified full clinical workflow with office manager before handoff |
Each engagement followed a structured workflow designed to minimize clinical disruption:
Pre-deployment:
→ Site survey (network layout, existing equipment, device count)
→ Identify maintenance window (typically early morning before patient hours)
→ Prepare gateway config template, RMM deployment package, documentation template
Day of deployment:
→ Install physical hardware (gateway, switches, APs) during maintenance window
→ Configure network — VLANs, SSIDs, DHCP scopes, firewall rules
→ Migrate all devices to new network; verify each device type individually
→ Deploy RMM + EDR to all endpoints; verify enrollment
→ Resolve any connectivity issues found during migration
→ Run full clinical workflow test with staff (imaging, practice management, payment terminal)
Post-deployment:
→ Produce formal documentation of all changes and resolutions
→ Hand off to clinic manager with walkthrough of new WiFi SSIDs and support process
→ Submit completed deployment report to MSPTwo of the four sites required travel to British Columbia — executed as 2–3 day on-site trips. The remote nature of these engagements added coordination complexity: all equipment had to be shipped ahead, deployment windows were pre-agreed with the clinic, and any issues had to be resolved on-site with no option for a next-day return visit. Both BC sites were completed within the allocated window with zero issues requiring follow-up.
Every engagement concluded with written documentation submitted to the MSP and retained for the client:
| Metric | Result |
|---|---|
| Sites deployed | 4 (2 Ontario · 2 British Columbia) |
| Unresolved critical issues at handoff | Zero across all engagements |
| Clinical systems verified operational | Imaging hardware, practice management software, payment terminals — all confirmed at each site |
| Remote monitoring coverage | 100% of endpoints enrolled in Datto RMM before departure |
| Documentation | Full topology + resolution log delivered at each engagement |