This article can also be found in the Premium Editorial Download "Information Security magazine: Special manager's guide: Monitoring identities."
Download it now to read this article plus other related content.
Single sign-on can reduce help desk calls and improve the user experience.
WAM registers with hospital
For David Young, Geisinger Health System's information technology program director, using a Web access management solution was a good diagnosis. As a health care provider, the company wanted to improve patient satisfaction and save time and resources by getting patients to update information such as address or insurance changes.
That was four years ago. Today patients can view their medical reports, lab results and schedule doctor appointments.
The original rollout of RSA Security's Access Manager took six to eight months as Geisinger needed to iron out security policies that would be reasonable for an external user (internal policies may not have been applicable). The team included IT staff specializing in Web services, network infrastructure, firewalls and desktop applications, a HIPAA officer and internal auditor, among others.
Initially Geisinger would only sign up people who came to its clinic and could verify their identity with a picture ID. Today Geisinger takes registration requests online, then sends the patient an activation medical code to the address in their file. With this approach, the hospital has been able to prevent fraud and has increased the activation rate from 50 percent to 70 percent.
"[Protecting and ensuring identities] are keys to the kingdom--we're liable for that," says Young.
For David Young, information technology program director at Geisinger Health System, it was about improving the customer experience. For Steve Siress, network systems manager for Enterprise Bank & Trust, it was driven by compliance. For Charles E. Christian, director of information systems at Good Samaritan Hospital, it was about increasing the quality of patient care and reducing tedious documentation.
For all of them, single sign-on also helped reduce help desk calls and led to a more positive customer experience.
Organizations have pursued a variety of strategies to simplify, reduce and consolidate multiple application sign-ons, with the goals of improving user experience, reducing costs and improving compliance. Enterprise single sign-on and Web access management systems have become two of the most common and widely deployed solutions in the market today.
The implementation for Young, Siress and Christian were all success stories. But, any rollout can be fraught with setbacks and implementation headaches. Before you decide which approach makes sense for your organization, we'll explain their capabilities and implementation considerations.
More information from SearchSecurity.com
Learn how to establish and maintain an effective identity and access management plan in Identity and Access Management Security School.
Visit our resource center for tips and expert advice on implementing identity management and access control measures.
This was first published in August 2006