New Readers

 Home News and World Report Buyers Guide Global Excellence Technology Case Studies Editorial Awards About Info Security
2008 Best Deployment Scenario

 Value of SSO to HIPAA Compliance


Current Threat: Password security and user access issues are major issues for healthcare organizations.  Add to this regulatory compliance—Health Insurance Portability and Accountability Act (HIPAA) and others— and the problem is even more demanding.  While single sign-on (SSO) technology is not new, existing solutions have been expensive, time consuming and rarely lived up to expectations – until now.

Imprivata OneSign Single Sign-On has changed all that.  OneSign SSO helps healthcare organizations benefit from increased user productivity and reduced password management. OneSign delivers on one very important promise almost immediately: rapid return on investment.

Info Security Products Guide
this article
COMPARE and print reports
RATE products

Tomorrow's Technology Today - Identity Management

Tomorrow's Technology Today: Imprivata OneSign Single Sign-On (SSO) is as an easy, smart and affordable means for healthcare organizations of all types and sizes to strengthen IT security while improving employee productivity.  It requires a user to remember and provide just one set of credentials – user name and password – to access the full portfolio of applications, data and services for which that user is authorized.  This means that each user’s network identity will have all the relevant application credentials linked to it and authentication will be managed in the background. While doctors, nurses and clinicians can spend less time logging in and out of network applications and more time with patients.

With OneSign SSO, healthcare providers can meet HIPAA privacy and security requirements in two major ways: strengthen application password security and establish user application access data.   OneSign assists the management of password policies via implementation of strong passwords, or strong authentication methods, at one central point.  This results in better authentication management and greater security.  SSO also enforces network-level authentication, enabling single point of control for access, authorization and authentication and tracking access to information/data.
OneSign SSO enables healthcare organizations to address the varying needs of all hospital personnel including clinicians, IT staff and auditors, making them more productive while also providing an extra level of consistency and overall security for the entire healthcare organization.  Healthcare providers can then build upon the improved security provided by SSO solutions by adding strong or two-factor authentication including strong passwords, tokens, smart cards and/or biometric readers.

Additionally, healthcare facilities are experiencing the many benefits of the OneSign SSO solution and some of these advantages include:

  • Shared workstation support: Multiple users are able to easily sign on to a shared workstation without the need for time consuming logging in and out of the computer; 
  • User accountability: Records user access events and log files providing detailed reports on application access by user, application and workstation;
  • Support for authentication modalities: Provides built-in support for major forms of strong authentication, including strong passwords, ID tokens, smart cards and finger biometric technology; and
  • Universal application support: Enables healthcare institutions to SSO-enable any application, including popular healthcare solutions, such as Meditech, Cerner, McKesson, Med2020, etc.

Healthcare organizations also benefit from quicker implementation, lower help-desk costs, increased productivity and compliance – without modification of existing applications or interruption of business activities. 

While the current focus on improving security in healthcare is clearly being driven by the April 2005 HIPAA deadline, the advantages of SSO extend beyond that initial need.  With OneSign SSO, organizations can easily add cognitive security (strong passwords), token security (swipe cards), and biometric security (retina scans, fingerprints).  Once SSO is deployed and in use, healthcare organizations can strengthen security further by adopting more stringent standards of their own.

OneSign is shipped as a hardware appliance pair - there is nothing else to buy, install or maintain.  OneSign’s patent-pending drag-and-drop (APG) technology uniquely allows for easy single sign-on implementation and quick ROI because there is no scripting, custom coding or changes to applications or directories required for deployment. 

OneSign SSO requires minimal consulting and service costs as well as low user training/support costs with no disruption to user workflow.  Unlike competitive alternatives for network authentication, enterprise single sign-on and physical security convergence—which all require myriad purchases and installation of disparate and complex technologies that lack common management UI, workflow or reporting, the power of Imprivata OneSign is that it’s one powerful identity and access management platform packaged in one appliance. 

Conclusion: With Imprivata OneSign SSO, healthcare organizations are able to address the varying needs of all hospital personnel including clinicians, IT staff and auditors, making them more productive while also providing an extra level of consistency and overall security for the entire healthcare organization. 

Imprivata, Inc.
10 Maguire Road, Building 2
Lexington, MA 02421
Tel: 1-781-674-2700
Download the document
From Info Security Products Guide site: CLICK HERE