Healthcare delivery organizations (HDOs) have evolved into highly complex environments with many users and roles, locations, devices, and applications. These complexities demand a cohesive approach to managing the digital identity – which lives at the core of the modern identity and access management (IAM) strategy.
Learn more about how the framework can support your organization
The Imprivata digital identity framework for healthcare — a deep dive with Wes
Wes Wright, CTO at Imprivata, offers insight into the Imprivata digital identity framework for healthcare as a holistic approach to identity and access management tailored to healthcare.
A deeper dive
The Imprivata framework is structured according to the key categories required for a robust digital identity strategy that meets healthcare’s unique demands. These categories are: governance and administration, identity management, authorization, and access and authentication. As described below, the categories are ordered in the framework to support the planning process, beginning with the end in mind.
Governance and administration
Starting with governance and administration, identify the standards with which your organization will need to comply, including the reports you’ll need to do so.
What’s important for healthcare?
An effective solution will provide dashboards from which you can track which clinical staff are accessing which applications, generate entitlement and access reports, and, as an example, generate audit summaries of EPCS activities as part of a DEA-adherent process.

Products that support governance and administration
Imprivata Identity Governance | Imprivata Mobile | Imprivata OneSign
Imprivata Confirm ID | Imprivata PatientSecure
Identity management
Next is identity management, where IT and HR specify your sources of truth for users and plan for the provisioning and de-provisioning of human and non-human entities, including mobile and medical devices in hybrid environments.
What’s important for healthcare?
An effective IAM solution must integrate directly with the HDO’s diverse identities, from IT administrators to practicing clinicians, as well as the numerous applications and workflows found in today’s clinical environments. An identity management system designed for healthcare, with proven compatibility with leading EHR vendor software, for example, will expedite return on investment and deliver efficient results.

Products that support identity management
Authorization
The authorization stage is where policies and access rules are built into the IAM system, to govern which data and applications are to be accessed by which users according to their roles, rights, and responsibilities.
What’s important for healthcare?
In the hospital environment, care providers may take on different roles that change from shift to shift as staff rotates. A practitioner could serve as an emergency department physician one day and an administrative physician, performing oversight duties, the next. This environment of “one beating heart (or identity), multiple roles” demands appropriate access and permissions as needed and without delay.

Products that support authorization
Imprivata Identity Governance | Imprivata OneSign | Imprivata Confirm ID | Imprivata PatientSecure
Authentication and access
The final step is authentication and access, which is the execution phase. Here, users are authenticated and granted access to cloud, on-premises, and mobile applications used on a variety of endpoints.
What’s important for healthcare?
Access control and authentication functions need to sync with clinical staff operations, such as quickly accessing an individual’s instance of a workflow from a shared nurses’ station, or retrieving data from a mobile device dedicated for use during that shift. The hospital environment contains a variety of providers, e.g., clinical, administrative, and temporary, as well as a multitude of endpoints. Medical devices also require access control to prevent tampering.

Products that support authentication and access
Imprivata Identity Governance | Imprivata Mobile | Imprivata OneSign | Imprivata Confirm ID
Learn more about how the framework can support your organization