Healthcare is one of the most heavily regulated sectors, where the sensitivity of the data requires strict access control.
A large healthcare provider, with dozens of hospitals, hundreds of laboratories and treatment centers has an employee count in tens of thousands.
Managing user authorizations used to be a labor-intensive task.
The challenges
Our customer has a number of employees holding various different positions, for example, as a doctor and researcher. The employment contract for a doctor is permanent, while the research contract is valid for a limited time.
Both positions have different access control requirements for different systems. They also have overlapping access controls to the same systems, with the exception that the other position’s access controls end when the contract expires.
The identity management product the customer was using could not handle multiple employment contracts nor the calculation of overlapping or time-restrained access control sets. For example, it would have removed all permissions from systems when the research contract expired.
This could be handled manually by creating multiple identities for the same user, but the customer wanted to avoid excessive manual tasks as there is a frequent need to support multiple positions for a single user with different time limitations.
The solution
As a solution, the customer implement Haidion Seafront to calculate the access control sets based on the contract data in the HR system and provisioning the resulted access controls for the existing IdM solution.
Haidion Seafront also took care of deprovisioning the correct access controls when one or the other contract expired.
The benefits
As a result, the customer is saving a hefty amount of administrative work from manually adding additional access controls to their existing IdM.
They also kept their users happy without the need to add yet another set of login credentials to get access to additional systems.
Comments