May 15 2009

Sign of the Times

As the government promotes universal electronic medical records, single sign-on technology gains momentum.

Federal healthcare providers must balance control of patient information with ease of data access. Single sign-on (SSO) technology offers a viable solution, especially when tied to the government’s ongoing efforts to develop secure and reliable ID verification for those who need access to government networks.

Federal healthcare providers must balance control of patient information with ease of data access. Single sign-on (SSO) technology offers a viable solution, especially when tied to the government’s ongoing efforts to develop secure and reliable ID verification for those who need access to government networks.

Healthcare SSO technology helps providers access systems and applications through a single authentication action that might combine a simple password and fingerprint scan or other biometric security element.

There are different types of single sign-on technologies. For instance, web SSO targets a user’s internal or external web portal. Conversely, enterprise SSO targets a user’s desktop sign-on, enabling access to enterprisewide systems and applications through a single authentication.

In Demand

No matter the delivery model, SSO consistently remains top of mind as a healthcare technology priority. In its annual survey, the Healthcare Information and Management Systems Society noted that moving to SSO ranked among the top 10 IT priorities for healthcare organizations over the next two years. SSO leads all other IT security categories, including disaster recovery, e-mail encryption and intrusion detection.

SSO, which can be deployed as part of a broader identity and access management initiative, protects patient information from unauthorized access. It also must let authorized healthcare personnel authenticate to the healthcare network and gain access to the multiple systems that healthcare organizations find critical to good patient care.

Ideally, in a healthcare environment, this would be invisible to practitioners. Technology manufacturers are also sensitive to the fact that healthcare IT shops need the ability to set up SSO programs in hours, not days. One manufacturer, Imprivata, offers an SSO “black box” appliance that addresses digital authentication. The Imprivata SSO tool provides a password and biometric authentication, such as a fingerprint scan, to gain access to applications. The overall strategy is to reduce complexity while still providing necessary security for IT access.

“We have to be noninvasive,” says David Ting, founder and chief technology officer of Imprivata. “Healthcare providers have told us to ‘get IT out of the way and let me treat the patient,’ so we have to slot right in without getting a development team involved.”

This scenario is reflected at Glencoe Regional Health Services. The healthcare provider, based in Glencoe, Minn., currently uses Imprivata single sign-on devices to power an SSO strategy for its main facility and two satellite offices. With approximately 360 doctors, nurses and other clinicians using the technology, Glencoe Regional found the benefits of SSO can multiple quickly.

Keystroke Mania

Michael Sprandel, network administrator for Glencoe Regional, performed simple calculations to determine if there was an efficiency benefit beyond providing better security. Based on the number of logins required per system and the number of patients seen per hour — about four — Sprandel determined that practitioners were logging in to data systems almost 100 times during an eight-hour shift and performing more than 1,200 keystrokes.

“These estimates are extremely conservative,” says Sprandel. “Many of our practitioners are seeing double the average number of patients per hour.”

With SSO installed, Glencoe Regional users gained time savings, avoiding constant login and logout scenarios. “Everyone in the practice now wants [SSO] access to solve this problem,” he says.

36% Healthcare organizations using single sign-on

49% Organizations that plan to use
single sign-on by 2011

SOURCE: Healthcare Information and Management Systems Society Leadership Survey, 2008

Glencoe Regional’s business office is also using SSO for claims submission and claims management processes, an unanticipated additional benefit.

“We found that [administrative users] typically had more than 20 passwords to juggle as well,” says Sprandel. SSO speeds their access to different systems used to enter and remediate patients’ medical insurance claims. There is a push to authorize patient insurance and verify coverage before patients receive care; SSO helps in this regard.

“It is turning into an end-to-end solution for the entire process,” he says.

Sprandel says that the SSO device was also cost-effective and worked with all existing healthcare information systems used at Glencoe Regional. The healthcare provider plans to ratchet up security by increasing the number of authentication factors needed to log in to the network.

Other users cite flexibility and automation as the main drivers for SSO adoption. As the number of passwords explodes for many employees, security solutions need to address convenience.

“Technology should make people’s lives easier, and SSO does that,” says Rifat Ikram, vice president of electronic delivery and support services for the Justice Federal Credit Union in Chantilly, Va.

The nationwide credit union has more than 150 users of Imprivata SSO products. Some employees were juggling as many as 50 passwords, which prompted the credit union to act. It uses fingerprint biometrics for identification and will expand that to include proximity cards. The solution also automatically resets passwords for employees after specific time periods.

The experiences at Glencoe Regional and Justice Federal illustrate how SSO creates value, says Gerry Gebel, vice president and service director for Burton Group Identity and Privacy Strategies. “The next step beyond security is productivity enhancement,” Gebel says. “Many hospital environments don’t have a lot of extra people or time to help in the data acquisition process, so SSO is a benefit.”

Anywhere and Everywhere

Gebel also points to other positive aspects of SSO technology, such as providing a single point of integration for security tokens, readers and other strong authentication methods.

He also says that many doctors now want to review medical records from home. With SSO, doctors have extra security that allows such “pre-care” work to occur outside the medical facility.

“Without SSO, many healthcare organizations were afraid to put this information over the Internet,” says Gebel.

SSO is typically part of a larger security and integration strategy that can include multiple technologies and other forms of user authentication, such as biometrics, smart cards and proximity cards. When partnered with context management solutions, SSO provides even greater value.

This answers the question of what automation tools healthcare providers should employ with SSO to improve patient care. The combination of SSO and context management allows convenient access to basic patient records as well as the ability to launch systems to provide doctors with laboratory, radiology or cardiology information automatically.

“This gives doctors all the information they need for complete patient care,” says Imprivata’s Ting.