Rotherham
Primary Care Trust(PCT) has stemmed a major
security problem and saved time by linking the Windows login
accounts for its users to the NHS-wideElectronic Staff Records(ESR) human
resources system.
The trust has automated adding user accounts to the Windows
Active Directory, which staff use to connect from the hospital's
network into the secure NHS N3
Network. The approach is more efficient than the previous
method of updating staff data, which involved IT staff manually
altering new joiners and leavers' lists from the human resources
department.
Ex-employees with computer access could log in and pose a major
threat to IT security. Both Windows Active Directory, which is used
to authenticate staff on the hospital's network, and ESR, require
updating with the same information separately. Delays in updating
new HR information to the Active Directory were occurring because
of the additional administration with ESR. "Following the rollout
of the ESR and the separate updates [in Active Directory] we were
leaving ourselves open to a security breach," said Derek Stowe, IT
infrastructure manager at Rotherham PCT.
"We needed a way to disable and remove user accounts," he said.
The existing process was time-consuming and relied on the IT
department receiving updates of joiners and leavers from HR.
The PCT, which employs 2,600 staff, now uses an updated system
whereby staff details are taken automatically from the ESR
database. When the HR system is updated as someone leaves, network
access is taken away from that user. This means access to networks
can be made more secure, said Stowe.
Rotherham used Quest Software's
ActiveRoles
Server and
Quick Connect to automatically synchronise user login accounts
across the two systems. Stowe has also used
AD Recovery Manager, to find out which users with network
access were no longer working for Rotherham PCT.