Digital identity framework

Framework overview

The digital identity framework provides IT and security leaders with a toolkit to drive their IAM strategy. It addresses key governance and administration, identity management, authorization, and access and authentication functions to support the planning process — beginning with the end in mind.

What it means in healthcare

Benefits

Governance and administration

Compliance

Healthcare and government standards

Analytics and audit reports

EPCS reporting

Risk mitigation

Anomaly detection

Entitlement and attestation review and remediation

Patient safety: records de-dupe, EMPI

Identity management

Identity provider

Identity store

Directory federation

Lifecycle

User provisioning, including non-employees

Non-human/service account provisioning

Ongoing privilege management

Mobile device management

Authorization

Roles and policies

Coarse- and fine-grained authorization control

Data access policies

One identity/multiple roles

Identity assurance

Identity proofing for EPCS

Biometric patient identification

Authentication and access

Multifactor authentication

Remote access

EPCS

Clinical workflow authentication

Risk-based and adaptive authentication

Single sign-on

Cloud apps

Legacy apps

Mobile apps

Access control

Clinical/virtual desktops

Shared mobile devices

Medical devices

PAM and VPAM

Self-service

Password management

Enrollment

Patient self check-in

Choose an Imprivata product to explore in the framework

plus sign

Select all

reset sign

Reset

Identity governance

Imprivata Identity Governance

Mobile IAM

Imprivata Mobile

Single sign-on

Imprivata OneSign

Multifactor authentication

Imprivata Confirm ID

Patient identification

Imprivata PatientSecure

Risk analytics and intelligence

Imprivata FairWarning

SecureLink Privacy Monitor

Privileged access management

Imprivata Privileged Access Management

Vendor privileged access management

SecureLink Enterprise Access

SecureLink Customer Connect

Microsoft

Governance and administration

Starting with governance and administration, identify the standards with which your organization will need to comply, including the reports you’ll need to do so.

An effective solution will provide dashboards from which you can track which staff are accessing which applications. For healthcare organizations, this enables you to monitor and generate audit summaries for patient privacy and drug diversion — for example, reports of EPCS activities as part of a DEA-adherent process.

 

SOLUTIONS THAT SUPPORT GOVERNANCE AND ADMINISTRATION

Imprivata Identity Governance | Imprivata Mobile | Imprivata OneSign Imprivata Confirm ID | Imprivata PatientSecure | Imprivata FairWarning | Imprivata Privileged Access Management | SecureLink Enterprise Access | SecureLink Customer Connect

Image of a businessman and a doctor talking with each other

Identity management

Next is identity management, where IT and HR specify your sources of truth for users and plan for the provisioning and lifecycle management of human and non-human entities, including mobile and IoT/IoMT devices in hybrid environments.

An IAM solution must integrate closely with an organization’s identity sources for diverse roles, as well as the numerous applications and workflows found in today’s complex environments. The effective IAM solution also helps manage risk by providing the tools needed to adjust access entitlements based on continuous monitoring and anomaly detection, such as access to patient records and controlled substances for healthcare organizations.

 

SOLUTIONS THAT SUPPORT IDENTITY MANAGEMENT

Imprivata Identity Governance | Imprivata Mobile | Imprivata OneSign | Imprivata Confirm ID | Imprivata PatientSecure | Imprivata FairWarning

Image of a doctor and a man looking at a smart tablet together

Authorization

The authorization stage is where policies and access rules are built into the IAM system to govern which data and applications are to be accessed by which users according to their roles, rights, and responsibilities.

In many organizations, an employee may take on different roles that change from shift to shift as staff rotates. This complex environment of “one beating heart (or identity), multiple roles” demands appropriate authorization to access the tools needed without delay.

 

SOLUTIONS THAT SUPPORT AUTHORIZATION

Imprivata Identity Governance | Imprivata Mobile | Imprivata OneSign Imprivata Confirm ID | Imprivata PatientSecure | Imprivata FairWarning | Imprivata Privileged Access Management | SecureLink Enterprise Access | SecureLink Customer Connect

Image of a surgeon using a touchscreen on a medical device

Authentication and access

The final step is authentication and access, which is the execution phase. Here, users are authenticated and granted access to cloud, on-premises, and mobile applications used on a variety of endpoints.

Access control and authentication functions need to sync with user workflows to enable productivity. For healthcare, this means enabling real-time patient care. Employees use a variety of applications on a multitude of endpoints — from shared workstations to mobile and IoT/IoMT devices. An IAM solution must integrate closely with these varied applications and devices to quickly authenticate and grant access to the mission-critical resources a user requires.

 

SOLUTIONS THAT SUPPORT AUTHENTICATION AND ACCESS

Imprivata Identity Governance | Imprivata Mobile | Imprivata OneSign Imprivata Confirm ID | Imprivata PatientSecure | Imprivata Privileged Access Management | SecureLink Enterprise Access | SecureLink Customer Connect

Image of a lab employee using a touch screen desktop device

What will your assessment reveal?

Quickly assess the effectiveness of your digital identity strategy based on current-state tools and processes. Then, receive a customized report with actionable guidance to build a comprehensive plan that optimizes user access, cybersecurity, and compliance.