European hospital saves hundreds of thousands of euros per year with Efecte IGA solution

In healthcare, every cent spent on unnecessary admin is a cent that could instead be spent on patient care. For one European hospital, manual identity and access management (IAM) processes represented an opportunity to streamline operations and release budget for re-investment.

Like many hospitals, this organization was facing IAM challenges arising from increased digitalization and changing workforce dynamics. Its IT department was responsible for managing thousands of user identities and access permissions, from clinicians and administrators logging into patient records to nurses accessing secure cabinets and cleaners gaining access to wards and offices.

While in the past most of these users might have been internal employees, new healthcare ecosystem dynamics mean growing numbers of users are now external. Nurses and cleaners are often supplied by external agencies, patients and caregivers with appropriate permissions can view electronic patient records, and insurers and billing services providers can access relevant financial data.

Internal workforce dynamics are changing too, with more hybrid work and more use of SaaS systems accessed from different devices.

The challenge: Manual IAM processes creates a heavy workload for IT admins

All of this created a huge IAM workload for the IT team. Users are onboarded and offboarded all the time, while shift-based work means that tens of manual access rights updates need to be made each day. As well as tying up IT time, this created the risk of errors, and increased risk of compliance breaches and misuse of credentials. With cyberattacks on European healthcare organizations increasing in frequency and severity, the hospital recognized that its partly-manual IAM processes could benefit from further tightening.

The tipping point came when several healthcare organizations consolidated into a single group, with one IT services team serving all the users. The hospital identified an opportunity to automate identity and access management, to free up IT time and significantly reduce the risk of errors, data loss and unauthorized entry. An automated solution would free up HR time too, reducing the number of manual steps required for onboarding and offboarding employees. The solution would need to include both digital and physical access rights.

The solution: Automate core IAM processes with Efecte IGA solution

Mindful of regulations governing where and how sensitive data is stored and transported, the hospital sought a European provider for its IAM solution. Having reviewed the options, it chose to implement Identity Governance and Administration (IGA) from Efecte to automate core IAM processes and enable users and managers to self-serve for key tasks relating to access and identity.

In particular, Efecte IGA solution now allows the hospital to:

• Improve security and compliance by defining and implementing business rules to limit the potential for misuse of credentials. Efecte IGA solution allows IT admins to define roles and access permissions, specify toxic combinations and automate user re-certification processes. The hospital also uses Efecte IGA solution to automatically synchronize workstation IDs and access permissions with client and patient record systems, preserving an accurate audit trail.
• Streamline processes by automating the provisioning of access rights via integration with core systems including the HR Management System (HRMS) and customer directories. Now, when a new employee is onboarded into the HRMS, the integration with Efecte IGA solution triggers the automated provisioning of relevant access rights to the user’s profile in AD. Similarly, when a user is offboarded, their access rights are automatically revoked according to the business rules set using Efecte IGA solution.
• Accelerate processes by automating IAM processes related to onboarding, offboarding, re-certification, the hospital has significantly reduced the time and admin burden on HR staff, managers, systems administrators and IT admins.
• Enhance the employee experience: As all access rights are provisioned using Efecte IGA solution, there are no longer discrete, manual processes for managing access to digital systems and physical assets. A new nurse starting work in intensive care, for example, automatically gains the appropriate accesses to systems, wards, offices and medicine cabinets, ensuring a positive start in the new job.
• Empower users: Efecte IGA solution includes a self-service portal for users and managers to carry out actions including requesting new accesses, resetting passwords and reporting a lost or stolen badge. The portal improves the employee experience and removes a lot of admin burden on IT users—given that, typically, 20-50% of all tickets raised to IT helpdesks are for password resets.

The result: A rapid implementation brings tangible financial and security benefits