Goals: Securing Patient Information and A Better User Experience
Knowing that the healthcare industry is a top target for data breaches, a large/mid-sized healthcare provider was determined to heighten protection of sensitive patient information and meet the growing information security requirements mandated by the U.S. Government. Beyond security, it sought to replace password/usernames with an approach that would ensure fast and convenient access to data for medical personnel who were busy delivering care and needed to stay productive.
The provider was keen to have a customizable solution -- tailored to the level of protection and support for its specific user population. It was also eager to end its reliance on multiple providers that left the organization vulnerable to gaps in security and proved challenging to manage. Overall, the provider wanted to meet these needs while controlling costs and working with existing infrastructure where possible.
The Solution: Multi-Factor Authentication – Customized and Integrated
With the help of Axiad’s expert use case analysis and technical assessment, the healthcare provider selected a HIPAA-compliant, multi-factor authentication solution with secure single sign-on capabilities. With a Trusted Identities solution, the company would be confident that the right users would be able to access data at the right levels – throughout the lifecycle of their identity credential. The solution was powered by NetIQ Advanced Authentication from MicroFocus, and industry-leading cards, readers, biometrics and printers from HID Global.
The healthcare provider also opted for an integrated solution that was flexible and extendible. It could easily accommodate the company’s identity and access needs for temporary and partial workers, electronic prescriptions, and quick log-in/seamless authentication pass-through between devices and EMR applications. The system also allowed for the addition of email encryption, digital signatures, secure printing and on-line controlled substance prescriptions.
The Impact: Secure, Convenient and Cost-Effective
The healthcare provider successfully deployed a simple yet secure solution. By removing password vulnerabilities, the MFA solution reduced the risk of breach and addressed the company’s healthcare compliance requirements. The “NetIQ Secure Login” eliminated the need to support a help desk or invest in back-end servers or infrastructure additions, making it quicker and cost-effective to deploy.
While simple and secure, the solution also improved workflow efficiency and the user experience. A fast and easy sign-in and ‘follow-me’ login feature allowed staff to move between workstations quickly. A single card combining logical and physical access allowed medical staff to easily move in and out of cloud apps, Windows and facilities. Plus, the converged card did not require disruption of the PACS system already in place, which limited infrastructure investments and accelerated deployment. The healthcare provider also retained the freedom to choose from among a broad range of authentication devices.
Axiad IDS helped the healthcare provider at every step of the deployment – from technical assessment and integration with existing systems, to remote and post-deployment assistance. A holistic approach from a single point of contact reduced the complexity of deployment and better supports changing security and authentication needs over time.