Nottingham University Hospitals Trust is eliminating the
burden on staff of using multiple passwords to access different
applications with a smart card-based system that provides single
sign-on access to both the NHS and its own information systems.
The trust is using access management supplier Imprivata's Onesign
Single Sign-on.
Onesign is a smart card authentication and access management system
designed to reduce the negative impact on productivity caused by
the need for multiple passwords. It also provides secure access to
applications, cutting the security problems of having staff manage
different passwords for different systems.
Ben Halliday, head of technical support at the Nottingham
University Hospitals Trust, said the system gives the trust's 8,000
staff strictly qualified access to patient records in 16 systems.
These include radiology, theatre, the helpdesk and others. The
trust plans to add seven more systems this year.
"One size does not fit all. As more systems are implemented via
the NHS's National Programme for IT, the staff are relying more on
IT systems. But they had to remember more and more passwords to
access the different systems.
"It quickly becomes difficult to remember all the passwords, so
to make life more tolerable for users we invested in the card-based
single sign-on system," said Halliday.
Staff can now use their Windows log-on and smart card to gain
access to the Imprivata system. This then uses pre-written scripts
to connect the user to the NHS system and to the trust's own
systems, where they can access the records they need.
Halliday said users were happy to be freed from the burden of
remembering dozens of passwords, and that the effect on helpdesk
activity had also been dramatic.
"Nearly 60% of calls to the helpdesk were to reset passwords.
That has dropped to almost nothing, and we can now provide help out
of hours. And it has freed the helpdesk staff to do higher value
work and answer calls more quickly," he said.
Halliday said writing the scripts for the Imprivata system took
about a month. "We have to add 28 systems as well as upgrade the
system over the next year, but we expect any changes to be really
quick as we will be doing the scripting ourselves."
According to Halliday, the trust uses the same authentication
and revocation processes that the NHS uses to grant users access to
the data spine, the main NHS network application.
"This means we are quite rigorous about how we grant access, and
also about deactivating accounts when people leave," he said.