

SnoIT

I wanted to preface with why SnoLabs is starting to offer IT services.

Over the past year, I started to open up my IT/Development services, and as it happened, the sleep clinic I used to manage needed help with hybrid telehealth. The provider was taking care of someone at home while running the practice, so he needed help, and their current IT person wasn't able to keep up.

We went through a lot of trial and error with tests and hardware to find the ideal solution, and where there wasn't one, we had to devise a solution.

For a sleep clinic, for example, they needed to be able to do live lung auscultation—listening to breath sounds. Our problem was the audio quality over the network with commercially available apps. The hardware Ri-Sonic and Eko stethoscopes were great, but the provider couldn't utilize them. So we came up with a solution I like to call OnyxStudio.

It takes any audio sent over Bluetooth 5.3, converts it to analog and then back to digital, and delivers it through some custom software. We take the extra step to ensure malicious actors cannot abuse the Bluetooth feature.

I do not know about you, but things happen. I love to have failover. On top of the Eko Bluetooth Stethoscopes, we integrated any USB mic (Ri-Sonic USB Stethoscope) so it can be plugged in and securely delivered to the provider along with a web interface. 

I'm considering offering it as a one-time product with no subscription fees. Still, I'm also considering making a YouTube / Blog post for anyone anywhere, as it could help more providers.

If you are interested in one for your practice or would like to learn how to build one yourself, please let us know!

As you may have browsed the website, we sell 3D printing-related items. Unfortunately, this has died down due to a mistake I made with SnoDry (our patent-pending filament dehydrating solution). I've devised a plan to turn things around, with IT being a core foundation.

Only a handful of slots are available, so if you are a business that helps others and think we can help, please get in touch!

Pricing-wise, we should ideally follow industry standards, but I recognize the insurance payout trend and the burden it places on small practices. Please get in touch; we will try to work with you.
Pricing is currently based on endpoints with operating systems, network monitoring, frequency/length of support calls*, and adjustments to the frequency of the on-site audits.


We're familiar with CIS, HIPAA, HITECH, and other industry regulations like the New York Shield Act, ISO27001, PCI, etc.

I've built a tool that compiles the rules into checklists for us (~9400 advisories, all categorized by regulation and under CIS guidance).

I've boiled down this workflow to help ensure we can keep you secure and compliant.

Figure 1. SnoLabs IT Workflow: our typical workflow from acquisition to disposal.

Inventory

SnoLabs will log all enterprise assets into an asset management system, which will allow for the tracking of each asset and its system components throughout its lifecycle.

Secure

SnoLabs will review whether enterprise assets are configured securely to meet the organization's security requirements and needs.
SnoLabs will identify required functions, ports, protocols, software, and services.

Deploy

SnoLabs will limit the required connections and services on enterprise assets to only those necessary for the asset to function correctly and make it available to end-users.

Monitor

SnoLabs will follow guidance on asset management and monitoring to prevent unauthorized connections and use on all enterprise assets.

Adapt or Enhance

SnoLabs will patch the system to ensure it aligns with the approved baseline.
SnoLabs regularly reviews compliance policy guidance to ensure that the system meets the organization's security requirements.

Decommission

SnoLabs will remove all ePHI and other sensitive data from digital assets before disposal.
SnoLabs will ensure that all enterprise assets are disposed of securely and competently in a compliant manner.

Acquisition

SnoLabs will validate vendors and suppliers to ensure they meet the organization's objectives, security requirements, and budgetary constraints.


Sorry, have to add the sales page here...

Seamless Compliance & Cutting-Edge Technology – Your Trusted IT Partner

In today's fast-evolving digital landscape, medical and dental offices face increasing challenges in compliance, security, and efficiency. With stringent HIPAA regulations, cybersecurity threats, and the complexities of modern patient care, your practice needs more than just an IT provider—you need a partner who understands healthcare inside and out.

That's where we come in. Expanding from our expertise in precision technology, 3D printing, and front-end and back-end development, we now offer specialized Healthcare IT solutions across New York City, Rockland County, Westchester County, Bergen County, Passaic County, and Orange County. Our mission is simple: Empower your practice with reliable, secure, and fully compliant IT infrastructure so you can focus on what matters most—your patients.

Why Choose Us?

Expertise in Healthcare Compliance - Stay ahead of regulatory requirements

We know the administrative burden of numerous compliance requirements. We do everything necessary to help minimize legal risk by ensuring your practice meets and maintains compliance with HIPAA, HITECH, and other industry regulations (NY SHIELD Act, ISO27001, PCI, etc.), safeguarding patient data.

Comprehensive IT Solutions

From cloud-based EHR integrations to secure network setups and remote monitoring, we provide end-to-end IT support tailored to healthcare needs.

Cybersecurity You Can Trust

Ransomware, phishing, and data breaches pose serious threats to medical practices. We implement robust security measures to protect your sensitive information.

24/7 Support & Monitoring

Healthcare runs around the clock, and so do we. Our dedicated team is available to resolve IT issues before they disrupt your operations.

Advanced Data Protection

Secure your practice's sensitive patient data with strong security measures, including advanced encryption, multi-factor authentication, secure password protocols, real-time threat monitoring, and regular system updates to prevent breaches and ensure HIPAA compliance.

Seamless Technology Integration

Whether it's upgrading your telehealth services, optimizing workflows, or streamlining digital imaging, we align technology with your practice's goals.

Locally-Based, Trusted Service

Serving the tri-state area, we're committed to providing personalized, on-site support when needed.

Your Technology Partner

We research your specific business needs, goals, and nice-to-haves to build a secure setup, with ongoing monitoring to ensure security and compliance across your organization.

We have 3D printers, hardware, electronics, and software engineers to assist with any project.
For one client, we created a device called OnyxStudio, which relays live stethoscope auscultation to a remote provider for hybrid telehealth. They also utilize our secure remote desktop services, backed by two-factor authentication, to assist their medical assistants in setting up visuals.

Let’s discuss how we can keep your practice safe!


Overcoming Compliance & IT Challenges

Medical and dental offices struggle with:

  • Regulatory Complexity – Navigating HIPAA, GDPR, and state-specific laws can be overwhelming.
  • Cybersecurity Risks – Patient data is a prime target for cybercriminals.
  • Outdated Systems – Legacy technology slows down workflows and patient care.
  • IT Downtime – System failures mean lost revenue and frustrated patients.
  • Inefficient Operations – Lack of integration between EHRs, scheduling, and billing systems can hurt productivity.

Our Healthcare IT Solutions eliminate these roadblocks, ensuring compliance, security, and efficiency in one seamless package.


What to expect

Onboarding

During the onboarding process, we will cover your enterprise assets (anything that receives, transmits, or stores PHI), software assets (business-specific needs and desires, and what's on hand), data assets (whether physical, virtual, or cloud), and identity assets across these, coordinating with your HR Team for up-to-date employee lists. We'll also create the required documentation with business justifications for compliance requirements.

Expect to see some of our asset tags across your devices. They're part of our enterprise asset inventory, so anyone can identify things that do not belong, and they carry support information so users can easily contact us.

We will need your help to establish the following:

  • Your known business-specific requirements
  • Working hours
  • Organizational roles and their access levels
  • Service providers like your internet, phone, and fax providers. (Yep, 2025 and we still use faxing :))
  • It would also help to have user hours so we can restrict out-of-bounds activity and/or monitor for it.

These are some of the things we have to do for healthcare compliance:

  • Physical Security Assessment
  • Network Architecture Diagram
  • Data Inventory and Handling
  • Data Flow Diagram
  • Disaster Recovery Plan
    Procedures to restore lost data. See the 3-2-1 rule or a high-availability setup.
  • Data Retention and Disposal Requirements
  • Identity Assets Lifecycle including Employee Onboarding and Offboarding
  • Incident Response Policy

Maintenance/Monitoring

As it happens

You have patients. If you need help, we will be there for you. I want you to be able to focus on patients while we deal with the nuances of running an office. Whether it's on-site or remote support, do not worry.

We have you covered from user activity to system components to software activity to network and firewall logs.

Daily

We work behind the scenes, reviewing all security events, critical system components, and servers that perform security functions to ensure your systems are safe.

We actively monitor your networks for new devices utilizing active discovery scans.

We try to time maintenance schedules for patching and upkeep during off-hours, but we are required to maintain a schedule for announcements of important vulnerabilities (doors that malicious actors can exploit).

We constantly monitor your systems to look for unusual activity as per requirement. It's not uncommon for us to confirm whether a log-in was really you or not, especially if it's unusual for that user's normal activity. I realize it's annoying, but ensuring malicious actors don't access your systems is necessary.

Weekly

We review your assets through passive discovery scans.

We must run your backups at least weekly to ensure all data is safe and that at least one copy is off-site in a secured location.

Monthly

Hardware gets old, and software gets out-of-date. At least monthly, we check for end-of-life (EOL) and end-of-support (EOS) so we can keep you aware of any foreseeable costs in hardware or software.

Just backing up is not enough. Backups must be tested at least monthly to ensure you have a fallback.

We're required to check for disabled accounts every 45 days, so please expect a message about changes to your staffing and users every month.

Quarterly - On-site, per site

Although we are only required to do bi-annual on-site audits, servers get dirty! We have some special ESD-safe vacuums/blowers for electronic equipment that we use to ensure your servers are running smoothly. The timeline depends upon your environment and dust control within the server area. Monitor and see, but every 2-3 months should be okay.


We will also conduct on-site audits in case someone places a device that goes unnoticed. You would be surprised by our findings.


*If we need to come on-site to sanitize and destroy equipment, it can be combined with the cleaning and quarterly checkup. We have secured offline erasers, duplicators, and portable crushers to meet NIST requirements (as per NIST SP 800-88 "Guidelines for Media Sanitization").

Bi-annually

We will have to assess the list of authorized software, libraries, and scripts. Do not worry if you don't understand what this means.
Software typically has building blocks starting with scripts.
Libraries will contain a collection of scripts that software applications rely upon to make their development easier.
This means the blocks get updated at different times, and we have to ensure there are no open doors.

 

Annually

We will conduct an inventory of data based on their classification labels and usage.

As a general reference, here are some of the other workflows.

This image showcases the workflow we (SnoLabs) follow for any device that may receive or transmit or store PHI.

This image showcases the workflow (SnoLabs) we use to manage your software assets.

This image showcases the workflow (SnoLabs) we use to manage your data assets.


Get Started Today!


Let us simplify your IT so you can focus on patient care. Schedule a consultation today to discover how we can streamline your technology while keeping your practice secure and compliant.

 Call us at 858-SNO-LABS
 Email us at ITSupport@SnoLabs.com
 Visit us at SnoLabs.com

Your patients deserve the best care—make sure your technology helps, not hinders.