Framework overview
The digital identity framework provides IT and security leaders with a toolkit to drive their IAM strategy. It addresses key governance and administration, identity management, authorization, and access and authentication functions to support the planning process — beginning with the end in mind.
What it means in healthcare
Benefits
Governance and administration
Compliance
Healthcare and government standards
Analytics and audit reports
EPCS reporting
Risk mitigation
Anomaly detection
Entitlement and attestation review and remediation
Patient safety: records de-dupe, EMPI
Identity management
Identity provider
Identity store
Directory federation
Lifecycle
User provisioning, including non-employees
Non-human/service account provisioning
Ongoing privilege management
Mobile device management
Authorization
Roles and policies
Coarse- and fine-grained authorization control
Data access policies
One identity/multiple roles
Identity assurance
Identity proofing for EPCS
Biometric patient identification
Authentication and access
Multifactor authentication
Remote access
EPCS
Clinical workflow authentication
Risk-based and adaptive authentication
Single sign-on
Cloud apps
Legacy apps
Mobile apps
Access control
Clinical/virtual desktops
Shared mobile devices
Medical devices
PAM and VPAM
Self-service
Password management
Enrollment
Patient self check-in
Choose an Imprivata product to explore in the framework
Select all
Reset
Identity governance
Imprivata Identity Governance
Mobile IAM
Imprivata Mobile
Single sign-on
Imprivata OneSign
Multifactor authentication
Imprivata Confirm ID
Patient identification
Imprivata PatientSecure
Risk analytics and intelligence
Imprivata FairWarning
SecureLink Privacy Monitor
Privileged access management
Imprivata Privileged Access Management
Vendor privileged access management
SecureLink Enterprise Access
SecureLink Customer Connect
Microsoft
Governance and administration
Starting with governance and administration, identify the standards with which your organization will need to comply, including the reports you’ll need to do so.
An effective solution will provide dashboards from which you can track which staff are accessing which applications. For healthcare organizations, this enables you to monitor and generate audit summaries for patient privacy and drug diversion — for example, reports of EPCS activities as part of a DEA-adherent process.
SOLUTIONS THAT SUPPORT GOVERNANCE AND ADMINISTRATION
Imprivata Identity Governance | Imprivata Mobile | Imprivata OneSign Imprivata Confirm ID | Imprivata PatientSecure | Imprivata FairWarning | Imprivata Privileged Access Management | SecureLink Enterprise Access | SecureLink Customer Connect
Identity management
Next is identity management, where IT and HR specify your sources of truth for users and plan for the provisioning and lifecycle management of human and non-human entities, including mobile and IoT/IoMT devices in hybrid environments.
An IAM solution must integrate closely with an organization’s identity sources for diverse roles, as well as the numerous applications and workflows found in today’s complex environments. The effective IAM solution also helps manage risk by providing the tools needed to adjust access entitlements based on continuous monitoring and anomaly detection, such as access to patient records and controlled substances for healthcare organizations.
SOLUTIONS THAT SUPPORT IDENTITY MANAGEMENT
Imprivata Identity Governance | Imprivata Mobile | Imprivata OneSign | Imprivata Confirm ID | Imprivata PatientSecure | Imprivata FairWarning
Authorization
The authorization stage is where policies and access rules are built into the IAM system to govern which data and applications are to be accessed by which users according to their roles, rights, and responsibilities.
In many organizations, an employee may take on different roles that change from shift to shift as staff rotates. This complex environment of “one beating heart (or identity), multiple roles” demands appropriate authorization to access the tools needed without delay.
SOLUTIONS THAT SUPPORT AUTHORIZATION
Imprivata Identity Governance | Imprivata Mobile | Imprivata OneSign Imprivata Confirm ID | Imprivata PatientSecure | Imprivata FairWarning | Imprivata Privileged Access Management | SecureLink Enterprise Access | SecureLink Customer Connect
Authentication and access
The final step is authentication and access, which is the execution phase. Here, users are authenticated and granted access to cloud, on-premises, and mobile applications used on a variety of endpoints.
Access control and authentication functions need to sync with user workflows to enable productivity. For healthcare, this means enabling real-time patient care. Employees use a variety of applications on a multitude of endpoints — from shared workstations to mobile and IoT/IoMT devices. An IAM solution must integrate closely with these varied applications and devices to quickly authenticate and grant access to the mission-critical resources a user requires.
SOLUTIONS THAT SUPPORT AUTHENTICATION AND ACCESS
Imprivata Identity Governance | Imprivata Mobile | Imprivata OneSign Imprivata Confirm ID | Imprivata PatientSecure | Imprivata Privileged Access Management | SecureLink Enterprise Access | SecureLink Customer Connect
What will your assessment reveal?
Quickly assess the effectiveness of your digital identity strategy based on current-state tools and processes. Then, receive a customized report with actionable guidance to build a comprehensive plan that optimizes user access, cybersecurity, and compliance.
