Azure Cloud Migration Case Study | Ingress IT Services

The Situation

End-of-life VMware in a healthcare environment

A 7-hospital regional health system had aging VMware infrastructure facing end of support in 18 months. With 12,000 staff, Epic EMR as the clinical backbone, and HIPAA as a non-negotiable constraint, this was a controlled migration, not a crisis response. But the timeline was fixed.

Health systems are unique in cloud

Unlike enterprise IT, healthcare migrations must handle patient data sovereignty, audit trails, Epic integration, and radiological imaging workloads with strict latency requirements. Every migration decision has clinical implications.

HIPAA boundary. Patient data never leaves a compliant environment, and every hypervisor, network path, and backup must be auditable.
Epic dependencies. Electronic health records, pharmacy, lab systems all interconnected. A single failed reboot cascades across hospitals.
24/7 operations. Downtime is not acceptable. No weekend cutover windows, no "maintenance mode."
Imaging workloads. DICOM (radiology) data is large, latency-sensitive, and must be archived for legal compliance.
Compliance audit trail. Every change, every access, every configuration must be logged and defensible to regulators.

How We Migrated

Phased approach, low-risk first

Azure Landing Zone & HIPAA Baseline

Built a HIPAA-compliant Azure environment with encrypted vaults, network isolation (hub-and-spoke), Azure Policy guardrails, and audit logging. Created separate subscriptions for production and dev. Registered with Azure in their HIPAA BAA program.

Months 1-2Infrastructure

Epic Dependency Mapping & Testing

Created a detailed map of all Epic dependencies: database servers, application servers, interfaces, and integrations. Tested every connectivity path from Azure to on-premises and between hospitals. Identified and resolved latency issues for DICOM imaging.

Months 2-3Planning

Wave 1: Non-Critical Systems

Migrated 40 VMs (development, QA, administrative workloads) to validate process and tooling. File services, backup infrastructure, and test environments moved first. Allowed team to establish playbooks with zero production impact.

Months 4-5Execution

Wave 2: Supporting Clinical Systems

Migrated 90 VMs: database servers, interfaces, lab and pharmacy systems. Each system tested for performance and HIPAA compliance before go-live. Epic integration points validated continuously.

Months 6-10Execution

Wave 3: Core Epic Infrastructure

Migrated the Epic production environment itself: database, application servers, and all integrated systems. Coordinated with hospital operations. Zero patient impact. Hypercare team on standby for 2 weeks post-migration.

Months 11-13Execution

Decommission On-Premises & Optimize

Retired VMware infrastructure once 100% migration confidence was reached. Optimized Azure resources based on post-migration usage patterns. Established Azure Monitor dashboard and cost management controls.

Month 14Handoff

What We Delivered

Clinical continuity, compliance, and cost

200+ VMs

Migrated to Azure

Across all 7 hospitals. Production Epic environment, clinical databases, imaging systems, and all supporting infrastructure. Zero systems left on VMware.

0 HIPAA

Incidents during migration

Every patient record, every audit log, every change order remained compliant. No data exfiltration, no unauthorized access, no compliance gaps discovered post-migration.

38%

Infrastructure cost reduction

Post-migration optimizations, Reserved Instances, and elimination of aging hardware support contracts. Year 1 savings offset migration costs.

Why On Time?

Dependency-first planning meets operational reality

Most cloud migrations slip because teams underestimate dependencies. We started by mapping Epic, not by counting VMs. That changed everything.

Respect for healthcare operations

We did not impose a generic migration timeline on clinical staff. Instead, we adapted to their calendar: oncology rotations, surgical schedules, critical staffing periods. Migrations happened outside peak clinical demand. Hypercare teams worked nights and weekends so hospitals did not have to.

Clinical calendar integration. Scheduled migrations around elective surgery blocks and known staffing changes.
Hypercare on our dime. Ingress engineers staffed 24/7 support for 2 weeks post-cutover, not the hospital IT team.
Automated monitoring. Azure Monitor dashboards tracked Epic response times, database performance, and network latency in real-time.
Rollback plans written first. Every migration had a documented rollback procedure, reviewed and approved by hospital operations.
Regular stakeholder updates. Weekly briefings to hospital leadership, CIO, and Epic administrators, transparent about progress and risk.

Technology Stack

Azure + Epic + HIPAA compliance by design

Azure Landing Zone

Hub-and-spoke network architecture with HIPAA-compliant baseline, Azure Policy guardrails, and encrypted vaults.

Azure Migrate

Assessment and replication for VMware-to-Azure migrations. Dependency mapping for Epic integration validation.

Terraform IaC

Infrastructure as code for reproducible, auditable deployments. All Azure resources version-controlled in Git.

Azure Monitor + Defender

Continuous monitoring of application performance, security events, and compliance posture. HIPAA-compliant logging and alerting.

Start a conversation

Tell us what's worth doing.

// 30 minutes → a written brief.

Bring the problem. We'll come back with a written brief: what to build, what to defer, and where AI actually moves the number. No deck pitches.

Book a 30-min call →All case studies

Emailconnect@ingressits.com

GSA MAS#47QTCA26D000K

Reply< 24 hrs

200 VMs. 7 hospitals. One Azure landing zone.