Across the Trust, both clinical and non-clinical staff require access to confidential information as part of their daily activities. Due to the sensitive nature of the data, employees were typically issued user names and passwords for the applications they were authorised to access.

Remembering multiple passwords for numerous applications proved problematic and staff would resort to writing down the log-ins to remember them or would forget the password and then be locked out of applications.

Also, each user had to carry up to three separate smart cards in order to gain access to IT and building resources.

‘The IT Helpdesk had to deal with large numbers of password reset requests; about 55% of calls to the Helpdesk were password related.’

The Trust wanted to improve productivity and remove a range of password issues for the 11,000 clinical and administrative staff. They were looking to do this through implementation of an identity management system that would link the physical network and building access systems and enforce security policy across the Trust’s computing assets.

Working with its partner, ITHealth, the Trust chose the single sign-on (SSO) solution from Imprivata for its ability to implement an identity management system that links to the physical network and enforces security policy across the Trust’s computing assets.

Imprivata OneSign is an access and identity management solution which provides strong authentication support across all applications – local and national, single sign-on and the ability to integrate physical security systems.

Key features and benefits of Imprivata OneSign include:

• Replaces multiple passwords and provides a centrally managed
  user log-on which works with ALL applications – legacy, web apps/
  gui’s novell, & client/server apps
• Single consolidated user identity where IT can approve or deny
  network access depending upon a user’s physical location, role,
  and/or employee status
• Lowers help desk costs through reduced password issues
• Increases user productivity

The strong authentication factors are combined in a single card with both chip and pin and proximity functionality, so that once users are authenticated they will automatically be granted access to all the applications that they are permitted to use.

Following a pilot phase in 2008, the Trust began its roll-out of SSO and strong authentication with a new application for women’s services, with access given to PAS, maternity, Labs and X-ray systems as well as local databases, covering 500 users.

During the later stages of 2008, the solution was rolled out across various departments including Finance, HR, and Supplies and it was anticipated that by the 3rd quarter of 2009 all staff members would be using smart cards for single sign-on. By June 2009, 9,000 staff had been issued with new cards, 10,000+ staff had been registered onto the spine, 2,000+ staff were using SSO via smartcard and over 20 applications were made accessible via Single Sign-On.

“The deployment of SSO and strong authentication is one of the largest in the UK health sector and it has demonstrated how local needs can be met using innovative approaches linking to the Connecting for Health national scheme,” said Brett Draper, Managing Director of ITHealth.

Richard Oliver commented, ‘We have reduced the volume of password reset requests by around 40 percent and anticipate that this will continue to increase until rollout is completed. We have also improved staff productivity levels. This project is proving to be popular so far with both the IT Helpdesk team and the general user population’.

‘Staff will now only have to use one card for all their access needs using only one password, saving
time and increasing staff productivity, whilst also improving our overall security.’

Richard went on to say, “The level of assistance we have received from ITHealth in the implementation of the solution has been incredible. The knowledge and skills of the engineer were fantastic and when we were hit with difficulties or issues which had not been encountered in other locations, due to the way we wanted to use the product, the ITHealth engineer always found the way to resolve the problem. He researched the issue, found alternatives where needed and provided advice and a resolution wherever possible. ITHealth always go much more than the extra mile and I have no hesitation in recommending them.”