Healthcare Client's Identity Transformation: CredenceIA modernized a pediatric healthcare system's identity governance with zero-trust principles, integrating Cerner EHR to enhance security, privacy, and efficiency.
Overview
The client, a pediatric healthcare system, faced significant challenges in managing and protecting patient health information. Their existing Identity Governance and Administration (IGA) system was a patchwork of legacy systems, manual processes, and undocumented workflows. This setup not only posed risks of ad-hoc changes and disruptions but also hindered efficient user access management. The leadership recognized the need to modernize their approach, particularly with their on-premise Cerner Electronic Health Record (EHR) system, which required unique integration solutions. They aimed to adopt a zero-trust security model to enhance privacy, confidentiality, and operational efficiency.
The primary goal was to overhaul their identity governance processes, bridge technological gaps, and implement standardized, automated solutions tailored to the healthcare environment. This included ensuring robust controls to protect sensitive patient data, streamlining user access lifecycles, and reducing the risks associated with their current system.
How CredenceIA Helped
2015-2017
The healthcare organization enlisted CredenceIA's expertise to deliver a modern, comprehensive Identity Governance and Administration (IGA) solution as a Software as a Service (SaaS) with Saviynt as the backbone.
-
Roadmap Development: CredenceIA began by devising a detailed roadmap to transition from the client's fragmented legacy IGA systems to a unified, modern solution. This plan included steps to migrate data, integrate new technologies, and phase out outdated processes, ensuring minimal disruption to daily operations.
-
Data Validation: To ensure the integrity and uniqueness of user identities, CredenceIA implemented rigorous data validation processes. This involved cross-referencing multiple authoritative HR sources to verify credentials and maintain accurate records, which is crucial for compliance and security in a healthcare setting.
-
Integration with Cerner EHR: Recognizing the unique challenges posed by the client's on-premise Cerner EHR system, CredenceIA developed a custom middleware solution. This middleware facilitated seamless integration between Cerner and the Saviynt IGA platform, enabling efficient role-based access control (RBAC). Automated user profile role assignments and self-service capabilities were also introduced, significantly reducing the administrative burden and improving user experience.
-
Enhanced Security Measures: By adopting a zero-trust security model, CredenceIA helped the client enhance their overall security posture. This included implementing stringent access controls, continuous monitoring, and automated compliance checks to protect sensitive patient data and ensure regulatory compliance.
-
Streamlined Processes: CredenceIA's solution streamlined user lifecycle management processes, from onboarding to offboarding. Automated workflows replaced manual processes, reducing the risk of errors and ensuring that access rights were promptly updated as users' roles changed.
-
Training and Change Management: To ensure a smooth transition, CredenceIA provided comprehensive training and change management support. Custom training programs were developed to educate staff on the new system's features and best practices, facilitating quick adaptation and maximizing the benefits of the new IGA solution.
Outcome
Through strategic guidance and tailored solutions, CredenceIA enabled the healthcare organization to enhance security, streamline processes, and adapt to modern identity management standards. The successful implementation not only improved operational efficiency but also positioned the client for future growth and technological advancements.
​
-
Seamless IGA Implementation: Partnering with CredenceIA, the health system crafted a roadmap for a seamless IGA implementation.
-
Future-Ready Integration: Leveraged middleware to prepare for future SaaS-based EHR integration while maintaining decentralized integration for their on-prem Cerner system.
-
Enhanced Security: This approach expedited application integrations and reduced security risks by keeping applications isolated from the cloud and networks.