Commissioned by Imprivata
1 Executive Summary
There is no question that IAM infrastructure is becoming increasingly critical to the business success of healthcare providers. This is driven in the first instance by the unstoppable digitization and connectivity of everything and the inevitable efforts of cyber-criminals to compromise the newly connected assets. At the same time, and especially in sectors like healthcare, finance and social media whose business are based on collection and use of mountains of valuable consumer data, the public and governments are demanding more accountability for safeguarding and appropriate use of personal information. Healthcare organizations cannot meet these challenges without effective and comprehensive IAM. Multiple non-integrated, home-grown or manual solutions won’t do.
However, even an IAM solution that controls access to all of the organization’s connected assets and provides a centralized view of user activity will fall short if it does not support the unique characteristics and requirements of the healthcare sector. These requirements include:
- incorporating specialized legacy medical equipment (and legacy applications) into an integrated digital environment,
- responding to government healthcare policy initiatives enforced both by regulation and the government’s role as the largest payer for healthcare services,
- dealing with security threats, including cyber-threats, which are elevated by the premium value of medical records,
- improving the “patient experience” to meet expectations of increasingly cost-sensitive and empowered customer/patients,
- increasing efficiency to survive a period of industry consolidation intensified by cost pressure from governments, health-insurance companies and consumers.
Most important of all, healthcare providers need an IAM capability that doesn’t get in the way of their core business process: the clinical workflow. KuppingerCole recommends that a healthcare provider looking for an IAM capability to support their digital transformation and meet today’s higher standards for cyber-security and accountability focus on vendors whose products are well-adapted to healthcare’s unique operating environment.