Melbourne Internal Medical Associates - Imprivata provides antidote to password pain

Company

  • 1,000 employees
  • 117 board-certified physicians with expertise in 25 medical specialities
  • 15 locations throughout Florida

Industry

  • Healthcare

Applications

  • IDX Groupcast, Centricity EMR, Fuji Synapse, Kronos Workforce and Timekeeper, and Citrix

Challenges

  • Clinicians frustrated by passwords
  • Unenforced password policies
  • Helpdesk burdened with reset requests

Results

  • Clinician workflows improved
  • SSO and strong authentication improve security
  • Helpdesk saves time and money

Melbourne Internal Medicine Associates (MIMA) is the largest, most comprehensive independent physician group in Brevard County, Florida. Supported by a team of more than 1,000 employees, MIMA’s 117 board-certified physicians provide expertise in 25 medical specialties throughout its 15 locations in central Florida.

The business challenge

Clinicians at MIMA work with an average of five to six software applications, each of which requires its own unique password. With so many passwords, users frequently forgot them, leading to disabled accounts and calls to the IT helpdesk for assistance. With the helpdesk averaging 500 total calls per month, this approach was inefficient, slow, and costly

It was a major irritant to MIMA’s busy physicians, who were frustrated at the negative impact on their busy work lives. “The physicians will always inform us of systems and workflows that are detrimental to their productivity,” said Gary Wright, MIMA’s chief information officer. “With all the different password requirements, some of our staff would record passwords in plain view where anyone could copy them.”

With these user frustrations, Gary Wright and Phil Slover, IT operations ans development manager, found it difficult to enforce MIMA’s password policy. “It had essentially been a written policy without positive enforcement,” said Slover. Wright and Slover also understood that an unenforced password policy could complicate their efforts to maintain MIMA’s compliance with the patient data security provisions of HIPAA.

The MIMA IT team knew they needed to find a solution, but they were concerned about the complexity of their application environment, which includes IDX Groupcast, Centricity EMR, Fuji Synapse, Kronos Workforce and Timekeeper, and Citrix, as well as several applications developed in-house.”

“We have dozens of applications, varying in platform and delivery method, depending on the function of the employee,” said Wright. “We have web-based, Windows-based, and host-based applications delivered with a mixture of thin and fat clients.”

MIMA needed a single sign-on solution that could be deployed to all of the diverse applications without overtaxing its 18-person IT department. Wright and Slover also wanted a solution that would support strong authentication for better security and HIPAA compliance. Moreover, it had to be easy for the clinicians at MIMA to use.

Gary Wright was not optimistic about their prospects. “I really had very, very low expectations,” he admitted. “I had seen single sign-on solutions in the past that did not work—or did not work consistently.”

The Imprivata OneSign solution

The MIMA team has worked for years with Tribridge, a gold-certified, nationally recognized Microsoft consulting firm that implements, secures, and supports business applications. When Wright and Slover inquired about single sign-on with their contacts at Tribridge, they learned that Tribridge was also a certified Imprivata partner and highly recommended Imprivata’s OneSign® Single Sign-On solution.

After discovering that Imprivata OneSign® fulfilled all their criteria for functionality, security, and performance, the MIMA team decided to proceed. The deployment was handled by the MIMA IT department working in small groups. Progress was swift: all 15 major applications were SSO-enabled in a single day. Wright and Slover opted to start the deployment in MIMA’s smaller locations, then expand it on a department/location basis throughout the organization’s 15 locations.

Part of the rationale for choosing Imprivata OneSign was its support of strong authentication. MIMA chose biometric scanners for this purpose, and was quickly up and running enterprise-wide.

The results

The reaction from users was immediate and positive. “They’re literally thrilled,” said Wright. “There are so many tasks that require clinicians to log in and out throughout the day, it has really helped their productivity, because they can do this much faster.”

The IT helpdesk was equally pleased as the number of password reset calls dropped precipitously. While the demands on the helpdesk have declined, Imprivata OneSign has also had minimal impact on the IT department workload due to its low administrative requirements. “Imprivata OneSign maintenance is handled by one network administrator,” said Slover. “It’s only a small portion of his duties—maybe a single-digit percentage of his time.”

MIMA’s advice for other healthcare providers is simple. “Go for it,” said Slover, “It is well worth it.”

Wright agreed. “It’s not something you need to over-analyze for three years before making a decision,” he said. “You’ve just got to take the plunge.” For Gary Wright, it was a pleasure to see his expectations surpassed. “I’d never seen a single sign-on solution that functions consistently—until now,” he said. “We consider Imprivata a huge success.”

 

PDF: