The NHS IT Security Specialists

East Kent Hospitals Streamlines Clinical Access with Single Sign-On

Before Single Sign-On

• Employees had strict password policies related to application access, leading to forgotten or written-down login credentials
• The IT helpdesk was burdened with calls concerning access issues – each call lasting an average of 30 minutes
• The organisation had more than 20,000 accounts in e-directory, but only 7,500 users

 After Single Sign-On

• More than 7,500 clinicians and other staff are supported with Single Sign-On
• 25% reduction in helpdesk calls, equivalent to savings of more than £80,000 per year
• Implemented centralised system to track all application access for reporting and auditing purposes 

By the Numbers

• £80,000 in savings to the IT helpdesk for access-related calls
• More than 7,500 users enrolled for Single Sign-On
• 87 applications enrolled, including legacy and healthcare systems

“Password resets and access issues are an incredible drain on IT resources, and Imprivata has helped us eradicate these calls so that support staff can focus on other more strategic areas of IT across the business. With Imprivata OneSign, we are confident in our ability to achieve our organisational goals for effectiveness and efficiency” said Nicola Ellingham, Project Manager, East Kent Hospitals University NHS Foundation Trust.

 

The Business Challenge

East Kent Hospitals University NHS Foundation Trust is one of the largest hospital trusts in England, with five hospitals and several outpatient facilities across East Kent and Medway. The Trust provides a wide range of services within both hospital and community settings, and employs more than 7,500 clinicians and other staff who require access to a variety of healthcare applications and support systems.

 

The Trust’s clinical staff required access to more than 86 applications, however the organisation’s password security policy required individuals to utilise separate login credentials for each application. As a result, users forgot their credentials and could not access core systems. Clinicians and staff resorted to writing down passwords or sharing accounts with other users, actions which compromised the Trust’s strict security requirements.

 

Nicola Ellingham, project manager for East Kent Hospitals University NHS Foundation Trust, is responsible for the implementation and support of access management technologies and knows the importance of finding the balance between security and employee productivity. “Obviously, keeping our patients’ data secure is of paramount importance, however, with so many disparate logins, the productivity of clinical staff was being affected, which could have led to an impact on patient care. For any NHS Trust, that would be completely unacceptable service,” explained Nicola.

 

 

To ensure security, as new applications were implemented users were asked to remember complex password credentials which reset at irregular intervals causing them to be locked out, unproductive and frustrated.

 

“We noticed that almost 25 percent of our helpdesk calls were related to password or access issues. This equated to more than 8,000 calls a year and was a huge drain on our resources,” said Nicola. Additionally, IT found that despite having only 7,500 users, more than 20,000 accounts existed on the e-directory. This was due to the lack of an integrated IT access management policy across the network which made user ID verification a difficult task.

 

With these challenges in mind, Nicola and the IT team looked at possible routes to managing user access that would address the security needs of the organisation whilst reducing the complexity of the logon process for employees. One of the options immediately identified was Single Sign-On (SSO), which involves linking all access rights to one strong network login. This, in turn, authenticates users into all applications they are authorised to access without having to repeat the login process each time.

 

The Imprivata OneSign Solution

Nicola discussed East Kent Hospitals University Foundation Trust’s requirements with BMS, the premier healthcare Imprivata reseller and NHS IT  Security Specialist. After identifying that the Trust had similar access management challenges to other NHS organisations, BMS recommended Imprivata OneSign, an identity and access management appliance that can deliver SSO easily, quickly and affordably. “Having the peace of mind that other Trusts within the NHS had used Imprivata OneSign was extremely important, especially as we have quite a complex IT infrastructure spread across multiple sites,” said Nicola. “One of the key reasons behind choosing Imprivata technology was that it could be integrated with our existing network without changes to our LAN/WAN or huge hardware investment. Imprivata OneSign also supports the NHS Smartcard which is an important part of our IT plans.”

 

Working closely with BMS and following consultation with employees around how IT systems were being used and how user workflows would be impacted, East Kent Hospitals University Foundation NHS Trust started the rollout of Imprivata OneSign in early 2009 working closely with BMS. “We were surprised at how quick and non-disruptive the implementation was. Users from clinical and support roles were using SSO extremely quickly without impacting on their day-to-day tasks,” said Nicola.

 

The Results

Since the implementation, more than 7,500 users have been successfully enrolled with SSO, and the Trust has experienced a 25 percent reduction in helpdesk calls, equating to a saving £80,000 per year.

 

“Imprivata OneSign has been hugely successful in helping clinical staff access IT systems quicker and more efficiently which, in turn, means more time for patient care and less time calling the helpdesk for having passwords reset,” Nicola explained. “Access issues are an incredible drain on IT resources and Imprivata technology has helped us eradicate these calls so that support staff can focus on other more strategic areas of IT across the business. With Imprivata OneSign, we are confident in our ability to achieve our organisational goals for effectiveness and efficiency.”

 

Related Case Studies:

• Newcastle-Upon-Tyne Hospitals NHS Foundation Trust Implement Single Sign-On »
• University Hospital of South Manchester NHS Trust implements Single Sign-On with fast user switching using Imprivata OneSign »
• Single Sign-On Application and McAfee Safeboot at Tameside & Glossop Acute Services NHS Trust »

Related Solution:

« Back to Case Studies

Testimonials

'BMS have always been very supportive across all aspects of our project requirements offering high levels of expertise and excellent customer support and service. We regard them as our trusted advisors.'
(Ray Burdge, IT Infrastructure Manager, University Hospital of South Manchester NHS Trust)

'We chose BMS because of their proven knowledge and expertise within the NHS IT field. BMS have excelled in providing us with a range of solutions which have more than met our needs and expectations. The Technical Consultancy and Professional hands-on services have been exceptional.'
(Kim Pannell, IT Manager, Eastern Cheshire PCT)

'BMS have proven to be quick to respond to our needs for both pricing & service which has led to further solution implementation discussions.'
(Glyn Rowe, IT Technical Manager, Swindon & Marlborough NHS Trust)

'BMS are much more than an IT supplier, they are a partner. I trust what they tell me to be factual and not hype – their technical staff are exceptional, they always go much more than the extra mile to resolve our issues.'
(Richard Oliver, IT Security Manager, Newcastle Upon Tyne Hospitals NHS Trust)

'BMS continue to improve an already excellent service in the support of our objectives with responsive, high quality and very competitive service and products.'
(Neil Darvill, Director of Informatics, St Helens and Knowsley Health Informatics Service)

'BMS have always been very supportive across all aspects of any given project offering value for money and a high level of customer support and service. High levels of communication keep us on track and help us to meet our milestones.'
(Andy Moore, IT Services Manager, Harrogate & District NHS Foundation Trust)

'Our Hospital Trust has been working with BMS for several years now. I have found BMS to be very knowledgeable, helpful, reliable, honest and very competitively priced.'
(David Pickup, IT Projects Officer, East Lancashire NHS Trust)

'BMS excelled in their technical support of our solution, including the installation and configuration. The ongoing technical advice received has been exceptional, full marks to BMS.'
(Dr Dennis Connolly, IM&T Manager at NHS Education for Scotland)

'We chose BMS because they fully understand our specific requirements. We are confident in their knowledge and skills and have always found them to be prompt in their responses.'
(Lisa McCartney, Acting Assistant Server Manager, North Mersey Health Informatics Service)

'“Our Trust engaged BMS to assist with our deployment of McAfee EndPoint Encryption & McAfee Device Control. I found the staff that I dealt with to be professional, knowledgeable, helpful and extremely reliable. I would recommend using BMS and without them I believe that our deployment would not have been so speedy or successful”. '
(Maria Ganderton, ICT Project Manager, Technology Development, South Tees Hospitals NHS Foundation Trust)