With 170,000 healthcare providers in the province of Ontario, OTN plays a vital role in serving patients remotely. Starting out in primarily rural areas, where distance to the nearest healthcare provider would drive patients to undertake video consults with GPs and specialists, OTN has expanded to target support for care in urban areas, particularly from home, where patients are equally keen to explore digital means of connecting with their care providers, through video, texting, etc.
New healthcare providers come on board all the time; OTN estimates it registers 1,300 new users per quarter in a system completely focused on security and privacy protection. Identity verification is no easy task, as Alex Reidiboim, Lead Solution Architect, OTN, explains: “To provision a new user would take over an hour, with lots of copy and pasting of information into our different systems. Privacy and security are the foundations upon which our network is built, and we must ensure data accuracy for our users. Our aim is to ultimately have all Ontario healthcare providers in our network, and we realized that our identity, access control, provisioning and on-boarding processes needed to be optimal.”
OTN was looking for an innovative solution to integrate identity and access control through configurable workflows and deliver single sign-on for modern, federation-supported applications as well as legacy applications. OTN sought an event-driven solution, so there would be no need for batch processing; modifications are reflected in all systems in real time.
A thorough market evaluation looked at identity and access management solutions from Oracle, CA, IBM, and Micro Focus. NetIQ Identity Manager and NetIQ Access Manager® provided the event-driven approach OTN was looking for, and the decision to implement was made.
OTN partners with eHealth Ontario, a government organization that uses an identity system to onboard healthcare providers. OTN sends the on-boarding requests to eHealth Ontario and, through a federated identity workflow, uses Access Manager and Identity Manager to apply a rule set based on the user’s role, which determines the required system access. Automated Identity Manager workflows are used to populate various CRM and support systems. If the user requires access to a legacy application, Access Manager takes the information from the front end and populates it with form filling through a gateway.
Says Alex Reidiboim, on the use of the Micro Focus solutions: “Providing a seamless user experience was key for us in this project. Access Manager is used to provide single sign-on access to all our web applications and multiple application back ends are consolidated into a single user experience. Role-based provisioning ensures the right system access for every user.”
Identity Manager and Access Manager provide a single source of truth for auditing and compliance purposes. User access rights are clearly reflected and always up-to-date. Automating a previously manual user deprovisioning process prevents any potential security breaches as user access is now blocked instantly.