East Kent Hospitals University Foundation NHS Trust Streamlines Clinical Access
- 7500 staff
- Overburdened helpdesk
- Loss in clinician productivity
- Need for integrated access policy
- £80,000 in savings
- Helpdesk calls decreased by 25%
- Centralized access reporting
East Kent Hospitals University NHS Foundation Trust is one of the largest hospital trusts in England, with five hospitals and several outpatient facilities across East Kent and Medway. The Trust provides a wide range of services within both hospital and community settings and employs more than 7,500 staff who require access to a variety of healthcare applications and support systems.
The Business Challenge
The Trust’s staff required access to more than 86 applications, however the organisation’s password security policy required staff to utilise separate login credentials for each application. As a result, users forgot their credentials and could not access core systems. Users resorted to writing down passwords or sharing accounts with other users, actions which compromised the Trust’s strict security requirements.
Nicola Ellingham, project manager for East Kent Hospitals University NHS Foundation Trust, is responsible for the implementation and support of access management technologies and knows the importance of finding the balance between security and employee productivity. “Obviously, keeping our patients’ data secure is of paramount importance, however, with so many disparate logins, the productivity of clinical staff was being affected, which could have led to an impact on patient care. For any NHS Trust, that would be completely unacceptable service,” explained Ellingham.
To ensure security as new applications were implemented, users were asked to remember complex password credentials which reset at irregular intervals causing them to be locked out, unproductive and frustrated.
“We noticed that almost 25 percent of our helpdesk calls were related to password or access issues. This equates to more than 8,000 calls each year and was a huge drain on our resources,” said Ellingham. Additionally, IT found that despite having only 7,500 users, more than 20,000 accounts existed on the e-directory. This was due to the lack of an integrated IT access management policy across the network which made user ID verification a difficult task.
With these challenges in mind, Ellingham and the IT team looked at possible routes to managing user access that would address the security needs of the organisation whilst reducing the complexity of the log-on process for employees. One of the options immediately identified was single sign-on (SSO), which involves linking all access rights to one strong network login. This, in turn, authenticates users into all applications they are authorised to access without having to repeat the login process each time.
The Solution: Imprivata OneSign
Ellingham discussed East Kent Hospitals University Foundation Trust’s requirements with BMS, Imprivata reseller and NHS IT Security Specialist. After identifying that the Trust had similar access management challenges to other NHS organisations, BMS recommended Imprivata OneSign®, an identity and access management appliance that can deliver SSO easily, quickly and affordably. “Having the peace of mind that other Trusts within the NHS had used Imprivata OneSign was extremely important, especially as we have quite a complex IT infrastructure spread across multiple sites,” said Ellingham. “One of the key reasons behind choosing Imprivata technology was that it could be integrated with our existing network without changes to our LAN/WAN or huge hardware investment. Imprivata OneSign also supports the NHS SmartCard which is an important part of our IT plans.”
Following consultation with employees around how IT systems were being used and how user workflows would be impacted, East Kent Hospitals University Foundation Trust started the rollout of Imprivata OneSign in early 2009 working closely with BMS. “We were surprised at how quick and non-disruptive the implementation was. Users from clinical and support roles were using SSO extremely quickly without impacting their day-to-day tasks,” said Ellingham.
Since the implementation, more than 7,500 users have been successfully enrolled with SSO, and the Trust has experienced a 25 percent reduction in helpdesk calls, equating to a savings of £80,000 per year.
“Imprivata OneSign has been hugely successful in helping clinical staff access IT systems quicker and more efficiently which, in turn, means more time for patient care and less time calling the helpdesk for having passwords reset,” explained Ellingham. “Access issues are an incredible drain on IT resources and Imprivata technology has helped us eradicate these calls so that support staff can focus on other more strategic areas of IT across the business. With Imprivata OneSign, we are confident in our ability to achieve our organisational goals for effectiveness and efficiency.”