Framework overview
A comprehensive digital identity strategy includes key functions that work together to optimize user productivity, cybersecurity, and compliance. The framework provides IT and security leaders with a blueprint to support the planning process.
Benefits
Governance and administration
Compliance
Healthcare and government standards
Analytics and audit reports
EPCS reporting
Risk mitigation
Anomaly detection
Entitlement and attestation review and remediation
Patient safety — records de-dupe, EMPI
Identity management
Identity provider
Identity store
Directory federation
Lifecycle
User provisioning, including non-employees
Non-human/service account provisioning
Ongoing privilege management
Mobile device management
Authorization
Roles and policies
Coarse- and fine-grained authorization control
Data access policies
One identity, multiple roles
Identity assurance
Identity proofing for EPCS
Biometric patient identification
Authentication and access
Multifactor authentication
Remote access
EPCS
Clinical workflow authentication
Risk-based and adaptive authentication
Single sign-on
Cloud apps
Legacy apps
Mobile apps
Access control
Clinical/virtual desktops
Shared mobile devices
Medical devices
PAM and VPAM
Self-service
Password management
Enrollment
Patient self check-in
Choose an Imprivata product to explore in the framework
Select all
Reset
Identity governance
Imprivata Identity Governance
Mobile IAM
Imprivata Mobile
Single sign-on
Imprivata OneSign
Multifactor authentication
Imprivata Confirm ID
Patient identification
Imprivata PatientSecure
Risk analytics and intelligence
Imprivata FairWarning
SecureLink Privacy Monitor
Privileged access management
Imprivata Privileged Access Management
Vendor privileged access management
SecureLink Enterprise Access
SecureLink Customer Connect
Microsoft
Identity is the foundation of modern security
Many organizations use digital identities to authenticate and authorize user access, and control and audit their actions. For this reason, a well architected digital identity strategy is one of the most business critical solutions today.
Governance and administration
Identity governance and administration is a key element of every digital identity strategy and includes preparing for compliance requirements. Here, you’ll need to identify the standards with which your organization will comply, including the reports you’ll need to do so.
To aid in this process, effective identity and access management solutions will provide dashboards to track which staff are accessing which applications. This enables you to monitor for compliance and generate audit summaries. For example, reports of activities as part of industry and/or government-adherent processes.
Identity management
Identity management is the function where IT and HR specify the sources of truth for your users, and plan for the provisioning and lifecycle management of human and non-human entities. This includes mobile and IoT/IoMT devices in hybrid environments.
Identity and access management solutions must integrate closely with your identity sources for a diverse set of roles, as well as the numerous applications and workflows found in today’s complex ecosystems. These solutions must also help manage risk by enabling you to adjust access entitlements based on continuous monitoring and anomaly detection, such as access to PHI/PII and controlled substances for healthcare organizations.
Authorization
The authorization stage is where policies and access rules are built into your identity and access management system to govern which data and applications are to be accessed by which users according to their roles, rights, and responsibilities.
In many organizations, an employee can take on different roles that change from shift to shift as staff rotates. This complex environment of “one identity, multiple roles” demands appropriate authorization to access the tools needed without delay.
Authentication and access
The final step is authentication and access, which is the execution phase. Here, users are authenticated and granted access to cloud, on-premises, and mobile applications used on a variety of endpoints.
Access control and authentication functions need to sync with user workflows to enable productivity. For healthcare organizations, this means enabling real-time patient care.
Employees use a variety of applications on a multitude of endpoints — from shared workstations to mobile and IoT/IoMT devices. Identity and access management solutions must integrate closely with these varied applications and devices to quickly authenticate and grant access to the mission-critical resources a user requires.
