COMMON CHALLENGES, CLEAR STRATEGIES
Beaumont Hospital’s commissioning of Imprivata was not borne of immediate crisis. The hospital has a long-standing relationship with Dublin technology consultancy, Triangle. With over a decade’s partnership, Triangle’s role has moved beyond tactical problem-solving to offering strategic advice on cutting-edge technologies and their applications in the healthcare sector. This allows Beaumont to make IT decisions with foresight and on a strong business case.
Equally, Beaumont was facing many of the challenges shared by hospitals across Europe seeking to generate efficiency, value and improved healthcare outcomes from technology.
The use of multiple applications in innumerable clinical contexts meant that staff were signing in and out of machines and services up to 100 times a day. It was easier to have all-day logins for whole teams, but that came with a cost to governance and audit. Legacy systems on multiple platforms and a blend of direct and virtualised access to systems meant multiple sign-in processes and passwords between software and terminals.
Clinicians were being hampered by an ever-increasing workload of login credentials. When they forgot them, the IT team would need to spend their time and talent on password management.
The Imprivata solution To resolve staff authentication in the most demanding of clinical contexts, Triangle recommended Imprivata Single Sign-On and Authentication Management.
Triangle’s Technical Director, Richard O’Brien says:
To initially demonstrate use cases and allow Beaumont’s IT team to skill up, Triangle built a prototype ‘lab’, with Imprivata installed on machines with similar load and configuration to Beaumont. Imprivata has now been deployed with an initial pilot into one of the most challenging environments at Beaumont; the oncology department, which features a day/outpatients ward and a 24/7 care ward.
Beaumont Hospital IT specialist David Kelly says,
“We picked the oncology ward because it’s like no other. It has so many patients that doctors are moving from bed to consulting room to PC constantly all day long. They are updating the system all the time, and it’s not unusual for a consultant to use every one of the 12 PCs on the ward at least once each day.
With Imprivata, doctors are able to walk up to a terminal anywhere in the oncology ward, tap once and be straight into their desktop. Then, click once on an application and they’re straight into that application. And some of the applications are Citrix-based which typically have required two logins to gain access; or have multiple menu levels. Imprivata brings it straight to where they need to be. So they are not only saving log in time, they are also saving a number of additional ‘clicks’ in getting through menu items. What Imprivata does is enable that ‘Tap, I’m in, let’s go!
Oncology staff of course benefit from all the services via Imprivata they would expect to use in their everyday work. Says Kelly, “We have email, the internet proxy and our Directory Manager which is an HR application“, says Kelly, “But we have 9 applications integrated in all, and more to follow“. Agnostic of platform or OS, Imprivata at Beaumont already gateways to:
- PACS, the national system for images (X-Rays, scans etc.)
- RIS, a national radiology service ordering system
- NIS, the Notes Information System used on the ward for patient notes and medications etc.
- PIPE, the Patient Information Profile Explorer used by doctors and nurses on the wards
- And the bespoke BHIS, Beaumont Hospital Information System.
Dr. Oscar S. Breathnach, Consultant Medical Oncologist, says,
“The introduction of the ‘tap and I’m in’ system to auto–populate key high frequency use applications has been a success throughout most users’ experiences. As we are preparing for the go–live of our EMR / e-prescribing system, the ability to auto-populate both the Citrix and Aria gateways has removed the barrier that two separate though dependant passwords was creating. Parallel to this is the fact that currently we use the PIPE system to order and review lab reports. The auto–population of passwords has again allowed more speed and efficiency in moving between the various programs.”
BHIS in particular was a challenge turned into an opportunity. Says Kelly,
“BHIS is 25 years old and we use a terminal emulator to connect to it. Plus there are four different ways to sign into it depending on role and what you want to do; for example making an appointment in three months time. All in all, there are probably 70 different options once a user has signed in with their ID.
“So as part of installing Imprivata, we looked at the way the staff were using it and replicated the keystrokes in macros. Even though it’s a 25 year old system, when staff log in via Imprivata, they now get dropped into exactly the part of the system they need. It saves three or four screens and clicks at a time.”
CLINICAL TIME SAVED, GOVERNANCE IMPROVED
Those saved clicks are mounting up. O’Brien says;
Imprivata automatically gives us reports on logins, and we can extrapolate from that into keystrokes saved and therefore significant clinical time saved per week.
Plus, because we’re monitoring the usage of each application, governance suddenly becomes workable; integrated into each clinician’s workday. We can leave it all to each individual’s proximity cards rather than having shared logins for each department.
And it’s not just the time constantly keying in passwords in many different applications that’s saved: it’s a hospital, so they’ve got a lot of restrictions in terms of time-outs, most of which happen sooner than a lower-security operation would demand. Staff were constantly rekeying passwords. Logging out, too, used to involve multiple keystrokes for each application; now they can log out of everything on a machine with one tap. We’ve taken away all the effort and, more importantly, the irritation.
This has not gone unnoticed. Dr Breathnach says “Other allied health professionals are eager to have similar access as they can also see the obvious benefits.” David Kelly adds, “We are already getting requests for Imprivata proximity cards from other staff. So word is spreading fast and our next step is to equip everyone associated with oncology with Imprivata and then work outward with licenses from there. It’s not often we get clinicians going out of their way to ask for technology, but this isn’t about IT, it’s about making lives easier.“
Moving forward, single sign on is a key aspect of Beaumont’s IT. “We’re actually at an interesting point in our IT development“, says Kelly. “We’re working out our optimum end-user computing strategy. It might be mobile desktop or virtual apps but I can promise that it will be single sign on and the next step there is Follow-Me Desktop.“
Single Sign-On has opened the eyes of the administration team here in the hospital to what can be achieved, so the next step is the additional saving of Follow-me Desktops; but also then adding extra applications. One of the areas we’re hoping to target here is the system for tracking medical instruments used in theatre because it’s actually a third party application that’s hosted offsite and there are two layers of login to access it. Again, we’re hoping to implement Imprivata because it will make the system more acceptable for users.
Then, there are lots of additional value adds like Self Service Password Management under the control of Imprivata that has been recognised as part of the pilot and which will keep on saving time for clinicians and reduce the burden on the IT team.
SWITCH AND GO!
Kelly says the initial (and indeed future) investment in Imprivata is more than outweighed by the time it saves “time for staff at all levels of clinical expertise. He monitors the tally of clicks saved and notes that the oncology team is now fully accustomed to the technology’“ his only expense being some laminated posters featuring tips for beginners. “They’re using it all the time“, he says. “They literally walk up, tap and I’m in.“
About Beaumont Hospital
Beaumont Hospital is a large academic teaching hospital 5km north of Dublin City centre. With 820 beds, its 3,000 staff provide emergency and acute care services across 54 medical specialties to a community of almost 300,000 people.
It is the principal teaching hospital for the Royal College of Surgeons in Ireland and has privileged status as the National Referral Centre for Neurosurgery and Neurology, Renal Transplantation, and Cochlear Implantation, as the Regional Treatment Centre for Ear, Nose and Throat, and Gastroenterology, and as a Designated Cancer Centre.
IN AN IDEAL WORLD, THE AIM OF THE IT DEPT GAME…
should be to deliver solutions that empower the user. Thus, reducing the pressure on IT and improving overall employee happiness and productivity.
So why do we still see this gap (aside from the monotonous – lack of money, resources, and so on)?
Everyday businesses pour massive amounts of time and resources into how the consumer interacts with their technology. Why are we not seeing the same approach within the enterprise? And not just in the tech industry but across the board.
The gap seems to be widening as users are empowered in their daily lives, but often not at work. IT can be slow to react to their needs due to this disconnect. It’s impossible to understand how the business consumes technology, what their associated frustrations are, and most importantly where the risks are – without seeing or hearing about it! This lack of opportunity to understand the core business is bringing about a growing enterprise mobility crisis.
With a lack of day-to-day understanding – we’re watching the enterprise move from Shadow IT to Shadow Productivity.
In today’s world, where we see unprecedented technological advancements at ever decreasing costs, it seems investment in IT should be top priority. It brings too much value to the business to be a side project. You look across all sectors, in all parts of the world – those who are embracing technology are steaming ahead. They have IT embedded in their organisations and allow technology to be in the front seat streamlining business processes, driving efficiencies and delivering a comparable user experience.
I read somewhere that the average lifespan of a company has gone from 50 years to 10 years. Those smashing onto the scene and those which are growing dynamically, are the ones who are embracing technology ‘At The Speed of Life’ (to quote VMware). Unless traditional companies are consuming this stuff with the relative speed and agility seen today, the gap will continue to widen.
Management across the board should be working with IT to identify bottlenecks and work out what is possible. IT must enlighten decision makers on ‘the possible’ and they (the business) need to be talking in terms of IT. Imagine what would happen if you had a techie at every board meeting. In a board meeting people solve problems – technologies evolution is solely based on solving problems. Merging the hardwired logical techie way of thinking with creative emotion, is proven. Look at FB, Google, LinkedIn. Is that a valuable resource that is being ignored? It could be a culture shift that will see IT providing virtual solutions to real world problems.
In the 21st century IT no longer lives in the basement!
Business and IT priorities must align- and it is up to the business to lead that conversation. Identify leaders within your organisation who ‘get it’, who will drive change on behalf of both sides. Moving past controlled interaction, through pilots and the likes. The message being delivered needs to be altered- Enterprise Mobility Solutions are an absolute no brainer. Delivering business value seen on the bottom line and securing us in a world full of increasing threats to our data.
It’s not only businesses that are seeing value through employee mobility and security.
In patient care, hospital staff are saving 3-5 minutes per patient, through a one tap sign on system. Is this why we’re seeing a rise in newly appointed Clinical Information Officers (CCIOs)? They’re business purpose being clinical adoption and engagement in the use of technology. Should all verticals be adopting this mindset – will we see Education Information Officers? Legal Information Officers? Insurance Information officers?
Looking to our imminent future, it’s either bridge the gap or fall through the cracks – is this the way to do it?
Eagerly awaiting developments and your thoughts…
ACCOMMODATING EMPLOYEE OWNED DEVICES…
is fundamentally based around the management of the device and OS ecosystem in a secure fashion while not prohibiting productivity, and ensuring employee privacy is not restricted as company IP is protected. With all these considerations, it’s not surprising that companies need direction.
As much as IT departments are predicting future user needs and educating them on the possible, so must they be educated themselves.
When looking at enterprise mobility most organisations are encountering a number of different issues as the enterprise incorporates new SaaS applications and mobile devices into business process. Password management, legacy application mobile availability and IT resource drain – to name but a few. Triangle are helping organisations overcome this with employee self management portals. This involves a corporate ‘app store’ with single-sign on functionality. Without IT involvement, employees are empowered to download applications which they have permission to access, onto any enrolled device and they will be automatically signed in.
They do not actually hold specific login credentials per application, which adds an extra layer of security for the organisation.
An effective enterprise mobility strategy is focused on the user, from day 1 through to that employee leaving. Upon enrolment, specific securities policies can be set through a user friendly management portal. That employee has access to all the applications and documentation they need to be productive immediately. Throughout their time there, they are bound to security policies (eg. passcode on the device) which will automatically action restrictions without IT intervention. When that employee decides to leave, data on that device can be quickly wiped and access to corporate applications and data revoked.
These policies will be tailored to corporate owned or BYOD devices, which is invaluable with the employee privacy versus IP security debate.
The answer we’re seeing to BYOD is the container, which places a wrapped folder on the employee owned device. This holds all corporate data in a secure manner while separating it from any personal apps and data. Suddenly the container can be viewed, in IT management terms, the same as a corporate device.
This same idea can be applied to corporate documentation, those which need to be up-to-date – health and safety policies, sales presentations, board papers, contracts and so on. With content lockers, companies can securely push corporate documents onto a container on the phone, where they will always have the latest version. Again, access can be restricted or revoked at anytime, meaning this can be on corporate owned or BYOD devices. There are also a host of productivity add ons to facilitate mobile collaboration.
Answering the question of how to accommodate the new world, starts with discovering what needs to be achieved. Mobile being such a growing industry, and user driven space there is hundreds of different use cases and applications. At Triangle we’ve seen a lot of them, we’ve been on this journey since day 1.
We’re plotting your business processes and identifying the most appropriate technology to suit the organisation and user’s specific needs.
I’M YOUR TYPICAL MILLENNIAL EMPLOYEE…
with unparalleled access to applications that will enable me to do my work quicker and to a higher standard. Google Docs, Prezi, Screenshots… The majority of those applications my IT department have no control over.
When I first entered the world of IT – I heard about shadow IT in the context of massive AWS bills coming through the door. My first thought was ‘that’s fair enough’. Developers are under massive pressure to get product out the door- to them that’s the most important thing.
But of course MASSIVE security concerns….
Now I have entered the world of the end user, it seems many are taking the same approach and I’m the biggest culprit! Let’s face it, when you’re comfortable doing things a certain way – when you will get away with doing it – you will. It’s not a malicious thing, we’re just busy people who want to hit deadlines and reach targets. Which is what an organisation likes to hear.
But again, MASSIVE security concerns….
And it isn’t just technology, it can be as simple as printing sensitive documents and losing them, or using pen and paper opposed to a CRM! So maybe it’s about rethinking our approach to end-user security. No longer can we throw technology at people and expect them to use it. Technology today is built for the end-user, organisations need to be thinking the same way.
I heard someone speak about the future of security. Namely how organisations should be thinking about security in light of such massive growth and innovation in the malware and ransomware space. Your organisation WILL be attacked – what do you do about it when it happens? It can have a small or monumental impact, it’s your policies and procedures that will determine that.
So taking that premise into our context in the end-user world, what does that mean?
- Someone will leave a laptop on the bus…
- Someone won’t put a pin on their device…
- Someone will copy and paste sensitive data into a 3rd party app….
These are the end user threats. We must assume that the rules will be broken and mistakes will be made. It’s human nature! It’s about having policies and procedures built with the user in mind for if and when that happens.
In most organisations you have throngs of new tech-savvy individuals entering the workforce. With the economy growing and competition for talent heating up- it’s important to think like they do. Let’s face it, most of this shadow use of productivity apps will never have a real negative impact.
But, will it take a massive data leakage for the business to take notice?