Dean Wiech, managing director of Tools4ever, a global provider of identity and access management solutions, has worked in healthcare for more than 25 years. Here, he discusses how IAM enhances the ROI for health systems, and how the solutions make patient care more efficient, how they work in healthcare, and how systems and records can be made more secure — for patients and providers — because of the technology.
Tell me about yourself and your experience in healthcare.
I have been actively selling software solutions in the healthcare market for 25 years. I have sold and/or managed teams in about 50 percent of the country. I have always focused on solutions that provided a definable ROI based on productivity and time savings.
Tell me about Tools4ever. How does the company serve the space? Tell me about your products and how they are used in healthcare.
Tools4ever is a company that focuses on the identity and access governance space. We assist the healthcare market in insuring that the lifecycle of user accounts are managed in a timely and accurate manner. We also have solutions that save care providers time by eliminating repetitive login tasks and avoiding the need to call the help desk for password resets
How is Tools4ever different than some of the competitors in your space?
I believe our primary differentiator is time to implement. We can get the basics up in running in a few days to a few weeks, depending on the solution. The majority of our competitors take months to years to complete an install. The result is the healthcare organization can realize a much quicker benefit from the product and a quicker ROI.
What’s your footprint like in healthcare and who are some of the organizations you work with? How do you help them?
We have numerous hospitals and long-term care providers across the country. One example is South County Hospital in Rhode Island. It utilizes our Self Service Reset Password Management (SSRPM) solution to allow end users to reset forgotten network passwords. We then synchronize that password to several other solutions to allow a reduction in the number of credentials the employee needs to remember.
Another example is a major university hospital in New York City. It uses our user management solution for several tasks. The most recent example is provisioning patients to the network to allow them to view their records on a mobile device provided by the hospital for the duration of their stay. We also implemented a password self-service reset function to allow the patients to reset their passwords without a further burden on the help desk.
What are their goals and how are you helping to meet them?
I think the primary goals in healthcare are to provide a better level of user-friendliness, service and security from the IT staff without increasing staff and costs. Our solutions provide verifiable time savings to the organization while providing a very high user adoption with minimal training.
How has identity and access management changed for healthcare, and what’s to come in the near term?
One of the major changes in healthcare has been the elimination of shared accounts – for example, all nurses in a department would have only a couple of computers that were logged in with a generic account. With security and privacy concerns over the last few years, the trend has been to have each nurse or caregiver have an individual login. This causes delays when one nurse needs to logout and another login. Single sign-on (SSO) applications with fast user switching and follow me functionality ease this time burden significantly.
I think the future will see even more security requirements – further tightening of access to prevent HIPAA violations. I also see patients wanting to have access to medical records and treatment plans and the need to provision them to hospital systems in a secure and efficient manner.
What do you see as the major IAM issues and hurdles that healthcare organizations now face?
With the new insurance regulations, I think budgets are going to be cut even more. Any technology purchases will be evaluated against a more stringent ROI standard.
How does an IAM solution actually work in the healthcare environment? What type of ROI do health systems typically receive?
There are several components to an IAM system and most healthcare organizations implement them in phases. Here are brief descriptions:
User Lifecycle Management – Creating, updating, disabling and deleting of user accounts in the network and a wide variety of applications. When an employee joins an organization, they need to have immediate access to the network and other systems depending on their roles. A nurse needs access to the clinical systems; an AP clerk needs access to financial systems, etc. A feed from an HR system is normally the starting point for creating these accounts, but it is also the authoritative source for job changes – role changes and re-provisioning are most likely required. Finally, when an employee quits or is terminated, it is imperative to shut off all access to accounts in a timely fashion. All of these tasks can either be fully automated or work-flowed to reduce time spent.
Password Reset – A majority of helpdesk calls are related to forgotten passwords. This component of an IAM system empowers end users to reset their own password by answering a series of challenge questions. A user no longer needs to wait for a helpdesk person to be available and can immediately reset the password and resume their job.
Single Sign On – In typical environment, employees may be required to remember up to 10 or more sets of credentials to gain access to the systems they need to perform their daily jobs. An SSO solution reduces this to a single set. Modules, such as advanced authentication, allow users to login with a smart card and PIN to further reduce time spent with credentials while follow me and fast user switching reduce time waiting for their session to come up as they move from one computer to another in the facility.
What kind of benefits have you seen hospitals, care givers and patients receive because of these solutions?
User management solutions tend to benefit the IT department the most as the time they spend on creating and managing user accounts can be reduced to near zero. Password reset benefits both the employee and the IT group by reducing calls for password resets and allowing employees to quickly rest a password and get on with their work. SSO has the biggest impact on employees as they no longer need to remember multiple sets of credentials.
How can an IAM solution assist care providers in their daily activities?
Some of the biggest benefits are gained by the use of SSO and the ancillary modules. Advanced authentication allows user to place a smart card on a reader, enter a PIN, and automatically be logged into the computer and, if desired, have needed applications opened automatically. Combining this with follow me technology and fast user switching, they can move from one computer to another and have their sessions follow along. No need to enter credentials, wait for the computer to open their profile or applications. The time savings can be tremendous.
From your perspective, how has the login process at hospitals hindered the care that patients receive?
Imagine needing to quickly access a patient’s record in an emergency situation and having to wait minutes for your session to start, enter credentials for the EHR system and wait again while it starts. SSO can reduce this to seconds, which can be a major difference in patient care.
How are IAM solutions in the healthcare industry different than in other industries?
Healthcare has significantly more requirements and regulations than other industries. Also, the sheer diversity of the workforce, as far as responsibilities are concerned, add to the complexity of the implementing a system.
With all of the regulations, such as HIPAA, how can care organizations improve their IT processes while still meeting these rules and regulations?
Implementing an identity management solution actually makes complying with a wide variety of regulations, including HIPAA, easier. Every action performed in the network relating to account management is now completely auditable and reports can be generated on-demand. SSO can allow a higher level of security than just passwords with authentication management, and also provide reporting on access to applications. Further, disabling a profile when an employee leaves can be accomplished in seconds ensuring the potential for malicious actions by a disgruntled employee are minimized.