What to know about implementing single-sign-on and multifactor authentication

What to know about implementing single-sign-on and multifactor authentication

Posted Jan 14, 2022 from

Striking the right balance between complex passwords, security and workflow efficiency is a big challenge for healthcare CISOs and CIOs. The rising number of publicly reported breaches shows the need to balance all three. Healthcare IT News interviewed Wes Wright, CTO at Imprivata, a digital identity company, to dig into eliminating security friction, integrating compliance and security steps into end-user workflows, augmenting complex password policies with multifactor authentication (MFA), and making security "invisible" to the end user. If you talk to any healthcare organization, you will most likely find this "security friction" where cybersecurity measures are viewed as obstacles to patient care. A. Implementing a digital-identity framework that caters to the uniqueness of the healthcare industry is critical to integrating compliance and security into end-user workflows. Any security and compliance steps that will be used by end users need to be specific to the healthcare industry, show intrinsic value and balance efficiency. That's why it's important to pair the password-management functions of SSO with MFA to give healthcare organizations an extra layer of security as end users access the system. Ultimately, MFA is part of what provides that secure, auditable chain of trust wherever, whenever and however users interact with systems, such as EHRs, that involve patient records within the healthcare organization. How can healthcare organizations make security "invisible" to the end user? While CISOs and CIOs need to protect their organizations, they also need to make sure security measures don't frustrate clinicians.


See Topics

See Also

Next Article