Spencer Hospital - Providing Secure and Convenient Bedside Access to Patient Data
Spencer Hospital is a 99-bed facility that is complemented by two family practice clinics, two dialysis centers, the Abben Cancer Center, and a new cosmetic and reconstructive surgery clinic. It also hosts a Practice Management/EHR package which is leased to local private clinics in a SAAS model. The hospital blends state-of-the-art technology with the skills of its 600 employees to deliver high quality healthcare.
THE BUSINESS CHALLENGE
In the course of daily rounds, the hospital’s doctors and nurses access a variety of applications and websites via PCs in patient rooms. These include McKesson Paragon, Horizon Medical Imaging, and a number of vendor and government hosted sites providing healthcare related information and resources.
To satisfy security and HIPAA requirements, the IT department set short time-outs for viewing patient data screens. Although this policy ensured data would not be visible for an undue amount of time, it impeded productivity.
“Doctors and nurses were frequently locked out of a screen in the midst of a patient visit, forcing them to log in again,” explains Ed Meyer, Spencer Hospital’s director of IT.
In response, the hospital implemented a USB key system. Unfortunately, the system was a failure. Clinicians frequently lost or broke the keys, leading to frustration and numerous calls to the helpdesk. As a result, doctors and nurses resorted to accessing data via workstations located in the hallways. This process was counter-productive to the goal of secure and convenient bedside access.
THE IMPRIVATA ONESIGN SOLUTION
As Meyer and his team evaluated potential vendors, they considered software-based solutions from CA and Citrix, and on the advice of their partner, CDW, they included the Imprivata OneSign® appliance in the evaluation process. Over a period of 90 days, they sequentially implemented each solution on a trial basis of 30 days. “When the Imprivata OneSign appliances arrived, the tide started to turn in the Imprivata direction,”commented Meyer. “Imprivata OneSign’s tight integration with all types of strong authentication and applications was important, but it was the appliance that sold us.” The IT team was impressed with the ease of implementation, configuration, and maintenance of the appliance. “We simply turned it on, entered an IP address via a website, and were up and running,” says Meyer.
A handful of doctors participated in the trial and chose Imprivata OneSign. “The doctors loved the fact that Imprivata OneSign® SSO enables them to sign in and automatically launch a user-specific application,” explains Meyer.
Based on the overwhelmingly positive response from users during the trial period, the IT team implemented the solution to every nursing area of the hospital. Then, working with an Imprivata project manager, the team SSO-enabled nearly all of the hospital’s applications over a five-day period.
Nurses in each unit were enrolled in SSO on the spot during department meetings. “We didn’t really need to conduct official training. The enrollment was the training,” says Meyer. Tiefenthaler then enrolled each doctor individually. Because the doctors who had participated in the trial championed the solution to other physicians, user adoption was fairly rapid.
With Imprivata OneSign in place, clinician productivity has greatly improved. Doctors and nurses sign in once and their authorized applications are automatically launched, such as Physician Web, where they can access electronic patient charts. “Our clinicians love the fact that they can do this in one step. Now they access patient data and handle charting at the bedside. Not only does this improve productivity, but it also leads to better patient care,” explains Meyer.
The hospital is also pleased with the impact on security. “Because clinicians are now comfortable with in-room access, we no longer have to worry about sensitive data being visible in high traffic areas, such as hallways,” continues Meyer.
Furthermore, the IT team can configure workstations to automatically lock after a certain period of inactivity—increasing security without affecting productivity. The automatic workstation lock enables nurses to leave a session open in a patient room without worrying about sensitive information being exposed. When the nurse re-enters the room, she authenticates with her fingerprint and the workstation unlocks. If a different user authenticates on the machine, Imprivata OneSign SSO will automatically close the active session. “We love this feature. It prevents people from charting under the wrong name,” explains Meyer.
Moving forward, Spencer Hospital anticipates to further benefit from Imprivata OneSign SSO. “With this solution, we can implement more stringent password policies, including complex passwords, password expiration, and even randomly generated passwords. To do this without impacting user convenience is a huge bonus,” concludes Meyer.