In the last 10 years, CHS has undergone massive acquisitive growth, adding over 150 new hospitals to its family. Having multiple applications across this many hospitals created an identity and access management challenge for the CHS IT team. For example, one of their acquired hospitals had their healthcare professionals accessing 13 different applications with 13 different logon credentials. Managing this for 2,700 users was very time-consuming, not to mention the time doctors were losing by having to log on to different applications up to 20 times a day, every time they saw a new patient.
Scott Breece, Chief Information Security Officer at CHS, was dedicated to tackling this problem: “You can imagine password problems were rife and we were dealing with over 2,000 issues every week. Our absolute priority is our doctor’s satisfaction and supporting them in providing excellent patient care. They need to move from application to application to deliver this and so we had to find a way for them to tap in and out of systems using a single sign-on mechanism.”
When CHS acquired 77 additional hospitals, the on boarding issues were starkly clear. Identities would need to be manually linked to a single authoritative source, for instance a payroll or HR system, and this could take up to 48 hours depending on how many tickets were managed. A structured solution was needed.
Breece and his team analyzed which applications doctors use so that these can be included in a start-up screen with a single sign-on facility. Interviews with business stakeholders followed and a full scoping document with a strategic identity and access management roadmap was produced. CHS manages over 280,000 users and needed to provide integration between 40-50 applications, so the team needed implementation support.
GCA, a Platinum partner, specializes in enabling and securing access to business data by managing digital identities and deployed the solution for CHS. Jim Quasius, President & CEO at GCA, comments: “Our team reviewed CHS’ existing workflows for access approvals, to identify gaps and ensure automated provisioning could be enabled. We developed a four-phased project blueprint that included automated user provisioning and password self-service functionality, to meet the most pressing requirements. We recommended NetIQ Identity Manager because of its scalability and performance in a high pressure environment.”
Breece comments on the choice: “Identity Manager offered the best workflow engine and the most robust identity management capabilities. More importantly for us, it gave us the most flexible and intuitive integration with our suite of clinical applications.”
Once the decision was made, Identity Manager was soon implemented. Automated workflows were introduced to give users the flexibility to move between departments. For example, a nurse normally working on the third floor of a hospital would only have access rights there. If she’s required to do a shift in the Emergency Department, temporary access rights can now be given without it affecting her normal access, all through a self-service model with built-in authorization levels.
Healthcare professionals performing dual roles are catered for too within the automated user provisioning system through role-based exception workflows. Managing these scenarios manually would regularly take 48-72 hours whereas now they are completed within minutes.
Doctors love the system, according to Breece: “Once our doctors saw what they could do with Identity Manager, we couldn’t get it rolled out fast enough. The word spread quickly and the productivity gain of logging in once a day and then being able to tap in and out with single sign-on throughout any of our hospitals is just enormous. Our doctor satisfaction is at an all-time high and they are just astounded that we could deliver a highly available and scalable solution to help with patient care.”
He concludes: “Through the single sign-on system and the self-service in place, we have halved the number of helpdesk tickets, freeing up our IT staff to support our increasing technology requirements as we grow. User on boarding has been completely transformed and the time to provision a new user has gone from weeks to just ten minutes. Micro Focus and GCA helped us support the critical drive for innovation in healthcare and have set us up for an exciting future.”