Every DSO has an onboarding playbook for the clinical side. Very few have one for IT and security that's actually time-bound. Without it, each new acquisition extends your risk surface for months while inconsistent vendors, unknown backups, and orphaned admin accounts sit inside your perimeter.

Our 14-day runbook is three phases: Discover (days 0–3), Standardize (days 4–10), and Cut over (days 11–14). Discovery collects every asset, credential, vendor contract, and BAA. Standardization deploys your EDR, identity, email security, backup, and help desk tooling to every endpoint. Cutover decommissions the prior stack and hands off to your central SOC.

The key to hitting the 14-day mark isn't speed — it's templates. A reusable asset discovery script, a pre-built endpoint configuration, a standard identity tenant invite, and a standard backup policy mean you're deploying a known-good baseline instead of designing one. The variance becomes the practice's data, not its architecture.

On day 15, the acquired practice has one help desk number, one security dashboard, and one invoice. That's what "integrated" actually looks like.