Digital identity framework

A cohesive approach to managing the digital identity –which lives at the core of modern security.

Talk to an expert

Framework overview

The digital identity framework is a unified, efficiency- and security-focused guide to provide CISOs, CIOs, and other IT leaders a toolkit to drive their IAM strategy. It addresses key governance and administration, identity management, authorization, and access and authentication functions to support the planning process — beginning with the end in mind.

What it means in healthcare

Benefits

Governance and administration

Compliance

Healthcare and government standards Analytics and audit reports EPCS reporting

Risk mitigation

Anomaly detection Entitlement and attestation review and remediation Patient safety: records de-dupe, EMPI

Identity management

Identity provider

Identity store Directory federation

Lifecycle

User provisioning, including non-employees Non-human/service account provisioning Ongoing privilege management Mobile device management

Authorization

Roles and policies

Coarse- and fine-grained authorization control Data access policies One identity/multiple roles

Identity assurance

Identity proofing for EPCS Biometric patient identification

Authentication and access

Multifactor authentication

Remote access EPCS Clinical workflow authentication Risk-based and adaptive authentication

Single sign-on

Cloud apps Legacy apps Mobile apps

Access control

Clinical/virtual desktops Shared mobile devices Medical devices Privileged access management

Self-service

Password management Enrollment Patient self check-in

Choose an Imprivata product to explore in the framework

All products

Imprivata Identity Governance

Imprivata Mobile

Imprivata OneSign

Imprivata Privileged Access Management

Imprivata Confirm ID

Imprivata PatientSecure

Imprivata FairWarning

Governance and administration

Starting with governance and administration, identify the standards with which your organization will need to comply, including the reports you’ll need to do so.

What’s important for healthcare?

An effective solution will provide dashboards from which you can track which clinical staff are accessing which applications, monitor patient privacy and potential drug diversions, and generate audit summaries — for example, reports of EPCS activities as part of a DEA-adherent process.

Products that support governance and administration

Imprivata Identity Governance | Imprivata Mobile | Imprivata OneSign
Imprivata Confirm ID | Imprivata PatientSecure | Imprivata FairWarning

Image of a businessman and a doctor talking with each other

Identity management

Next is identity management, where IT and HR specify your sources of truth for users and plan for the provisioning and lifecycle management of human and non-human entities, including mobile and medical devices in hybrid environments.

What’s important for healthcare?

An IAM solution for healthcare must integrate closely with the HDO’s identity sources for diverse roles, from clinicians in the hospital to visiting nurses and physicians, as well as the numerous applications and workflows — such as EHR software — found in today’s clinical environments.

The effective IAM solution also helps the HDO manage risk by providing the tools needed to adjust access entitlements based on continuous monitoring and anomaly detection, including access to patient records and controlled substances.

Products that support identity management

Imprivata Identity Governance | Imprivata Mobile | Imprivata FairWarning

Image of a doctor and a man looking at a smart tablet together

Authorization

The authorization stage is where policies and access rules are built into the IAM system, to govern which data and applications are to be accessed by which users according to their roles, rights, and responsibilities.

What’s important for healthcare?

In the hospital environment, care providers may take on different roles that change from shift to shift as staff rotates. A practitioner could serve as an emergency department physician one day and an administrative physician, performing oversight duties, the next. This complex environment of “one beating heart (or identity), multiple roles” demands appropriate authorization to access the tools clinicians need without delay.

Products that support authorization

Imprivata Identity Governance | Imprivata OneSign | Imprivata Confirm ID
Imprivata PatientSecure | Imprivata FairWarning

Image of a surgeon using a touchscreen on a medical device

Authentication and access

The final step is authentication and access, which is the execution phase. Here, users are authenticated and granted access to cloud, on-premises, and mobile applications used on a variety of endpoints.

What’s important for healthcare?

Access control and authentication functions need to sync with clinical staff operations to enable real-time patient care. Clinicians use a variety of applications on a multitude of endpoints — from shared workstations to mobile and medical devices. An IAM solution must integrate closely with these varied applications and devices to quickly authenticate and grant access to the mission-critical resources a clinician requires.

Products that support authentication and access

Imprivata Identity Governance | Imprivata Mobile | Imprivata OneSign | Imprivata Confirm ID

Image of a lab employee using a touch screen desktop device

How mature is your digital identity strategy?

Managing digital identities is imperative for today’s complex, high-risk, and regulated healthcare environments. Quickly assess the effectiveness of your current strategy and get custom insights to improve your security posture.

Take the assessment

Pages of the Digital Identity Maturity Assessment

Put ideas into action

Book your personalized consultation with a digital identity expert today.

Talk to an expert