Delivering ICS Digital Transformation, Identity Strategy and System Efficiency

Unlocking the promise of joined-up health and care provision

On 28 April, the Health and Care Bill received Royal Assent and became an Act of Parliament. The bill formalises the intent to establish Integrated Care Systems (ICSs) across England. This evolution of health and care delivery will develop multi-agency partnerships that span the NHS, local government, voluntary, community, and social enterprise (VCSE) organisations, and other partners. ICSs will have the responsibility to plan and deliver joined-up health and care services for people in their local areas and collaborative working will be key to the successful delivery of this vision.

Ensuring the ICS vision becomes a reality will require clear communication, fast, secure access to information, and enthusiastic adoption by clinicians and all other frontline workers, with the aim of better meeting the needs of the populations being served. This in turn requires:

  • A strategic approach to planning data access across the ICS, with a foundation in digital transformation
  • Strong management of digital identity for people and devices
  • A better experience for users, accessing systems that are purpose-built for secure and efficient health and care delivery

To truly provide personalised care for patients with joined up services, a holistic approach is needed which will connect organisations, systems and data in new ways. In tandem with the requirement for more access, connectivity and collaboration, there is a need to increase confidence that joined up services will be secure and that patient data will remain confidential.

Keeping systems and data secure

With many different organisations using disparate systems across an ICS, bringing those systems together into a cohesive framework that enables frontline staff to deliver enhanced care without disruption, needs careful planning. As telehealth and remote care become more important components in healthcare provision, a unified platform to manage digital identity that provides a consistent user experience is paramount to enable fast, controlled access to patient information to empower providers, while protecting sensitive data.

Cyber security threats continue to mount year by year. In 2019 41% of all security breaches occurred in the healthcare industry. Mass mobilisation of healthcare because of the pandemic, hybrid working practices and the public's increased collection and access to their own information via apps, means cyber criminals have a broader attack service and cyber security will continue to grow as a key issue.

The strategic answer is to make digital identity the new control plane through which all access to clinical and patient data systems is managed. Many healthcare organisations already use identity and access management tools, yet few integrate them into a holistic digital identity strategy. This is because in the past the deployment of these tools has been disparate making integration so complex that it is not prioritised. Now proven tools have become available enabling a more holistic and joined up approach to digital transformation, which, with the implementation of the ICSs is now a strategic priority.

Strategic management of digital IDs for people and devices across an ICS

Healthcare organisations typically use a wide variety of shared and individual workstations and devices from which clinicians access applications and patient information; shared mobile devices with apps that are purpose-built for healthcare workflows; and a growing range of connected medical devices. The user base across the range of organisations making up the ICS is also disparate and fluid, with employees, visiting clinicians, registrars, locums, agency staff, part-time workers and volunteers changing the user base composition almost daily.

To make the ICS concept a reality there needs to be a strategy for the management of digital identity – for employees and devices – to enable new digitally enhanced workflows. These digital workflows require strong, effective management of permissions, governance and patient privacy while providing the right data at the right time to the right person. A balanced approach will ensure that cybersecurity policies and controls are implemented in such a way that does not act as a barrier for clinicians. At the same time, ensuring that only authorised users can access systems so that confidential data remains protected, and, an all-encompassing audit trail is created. What’s needed is a clear, easy to manage yet robust approach to Identity Access Management (IAM).

Digital Identity Management

The success of taking a strategic approach to Digital Identity Management can be seen at Bolton NHS Foundation Trust. Early in 2020, Bolton instigated a project to introduce Imprivata Identity Governance, to improve the processes for managing access to systems and data for staff joiners, movers and leavers. Now it takes line managers just minutes instead of weeks to onboard a new employee, grant temporary access or process a leaver, without the need for any IT helpdesk involvement or technical knowledge.

A recent KLAS Impact report found that typically only a 1/3rd of negative experiences clinicians have using an EMR is due to the system itself. Elements such as lack of training and slow access to computers are equally contributing factors to a poor user experience. This highlights the fact that fast access to clinical applications is critical for all front line workers and to ensure enthusiastic user adoption for any new system introduced.


To truly exploit the benefits from an integrated care approach, the Digital Identity Management strategy needs to span organisations to enable effective collaboration through shared data and integrated workflows.

To find out more register for our webinar on August 9th, hosted by Andy Wilcox, Senior Solutions and Enablement Manager at Imprivata, and Andy Kinnear, former NHS CIO and now Independent Consultant, you’ll learn more about the vision for ICSs, and how to make that vision a reality at your organisation. Join us to hear how a robust digital identity framework can help facilitate the process and:

  • Deliver patient information instantly at every point of care
  • Manage the full identity lifecycle, thereby reducing security risks and easing the burden of regulatory compliance
  • Improve workflows, resulting in efficiencies for clinicians and IT alike