When information security gets in the way of people doing their jobs, two things can happen: either the job doesn't get done, or people find ways around the security system.
In the medical world, the problem is even more acute. Staff working at high speeds, sometimes to save someone's life, cannot afford to be locked out from systems. On the other hand, medical information needs to be closely protected and controlled.
This was the problem recently facing Ray Burdge, IT infrastructure manager at the University Hospital of South Manchester NHS Foundation Trust.
"The medics were complaining of the length of time it was taking to log in and out of the various systems," he says, adding that different systems also had awkward authentication procedures and required users to memorise multiple passwords. "In one case we found one person who had 13 different passwords."
Now things are about to change. The tool Burdge has chosen, and which is just now being implemented, is the OneSign appliance from single sign-on specialist Imprivata, Inc.
He says it is already solving two problems: allowing users to reach applications using a single sign-on, while also providing rapid user-switching on shared terminals.
Problems often arise because of the move to gather and supply information at the point of care. Such an arrangement means that the medical teams increasingly need access to information as they deal with the patient. The information is made available from a PC installed in the treatment room or from one of the trust's computers-on-wheels (COWs). A computer-on-wheels is a wireless terminal on a cart, equipped with two high-definition 17-inch screens in portrait mode that can be used to bring up patient information or images such as X-rays.
The trouble is that different members of the multi-disciplinary medical team visiting a patient may need to share the same computer to access the different information they need from a variety of applications. Until recently, each user would have to log out completely in order for the next one to start their session, a process that could take several minutes.
"With multi-disciplinary teams, there can be several log-ins during the same session with the patient. And with going into different applications as well, it can get a bit awkward," Burdge says.
By introducing the Imprivata product, Burdge says it is now possible for a new user to take over from another person in less than 10 seconds. Instead of typing in a user name and password, as the staff previously needed to do for each application, they now just insert their NHS smart card and key in a four-digit PIN. Hospital users then immediately have access to all their applications and files.
The system was delivered and installed in July by Business Management Services Ltd., a Nottingham-based system integrator specialising in healthcare systems. Burdge says installation and configuration took half a day, and another day and a half was spent setting up single sign-on applications and registering a few users. "By the end of the two days, we had had provisioned about eight or nine single sign-on applications and set up a couple of dozen users," he says.
With the organisation in the middle of a wholesale move from Novell to Microsoft Active Directory, Burdge admits it was not an ideal time to introduce the new system. But Imprivata is able to support multiple directories, making the process a lot easier. The handful of existing users have welcomed the new facility with enthusiasm, he says, and the aim now is to roll the system out across the rest of the organisation before the end of the year, encompassing 2,500 desktop machines and 4,500 users.
After that he is looking to introduce proximity cards, removing the need for the user to insert a smart card in a reader. This will be especially useful in areas such as operating theatres where infection control is paramount, says Burdge.