An IT security company which claims successful implementations in US hospitals of its enterprise single-sign on (ESSO) system has set up a European base and is attempting to target the UK health IT market.
Imprivata, based in Lexington, Massachusetts, has developed the OneSign system (below), which allows a single authentication onto a network. According to the company, it is an ‘out-of-the-box’ solution that does not require scripting and will handle and audit access to applications and files depending on the identity of the user.
"We have seen a surge in demand when we released this product in the US," Omar Hussein, senior vice president of marketing at Imprivata, told E-Health Insider, adding that this in turn had generated a "tremendous amount of interest for the UK."
Wayne Parslow, the new vice president of EMEA operations, said that the appetite for such a system was in the NHS indeed one English NHS organisation had started compiling its own system in-house before the National Programme for IT (NPfIT) had advised them that ID security systems would be provided centrally.
Having a scalable piece of hardware to take care of security issues is especially valuable in healthcare, explained Hussein: "In healthcare there still exists a vast amount of legacy systems." Other benefits of the system, he claimed, include ease of use, low maintenance, automatic background password changes, auditing, and minimal training requirements.
The system can also work with biometric identification, and will ‘save sessions’ and transfer desktops between workstations. According to Imprivata, This works better than other systems, such as dongles, because little physical interaction is required and there is less danger that files will be left open on screen.
A recent survey in the US for the Healthcare Information and Management Systems Society (HIMMS) revealed over half of the healthcare organisations polled said that they were planning to implement a single-sign on system for their staff and clinicians in the next two years. Imprivata say that discussions with number of English trusts have revealed a similar level of interest.
While ID card solutions are being developed by the NPfIT’s local service providers, the company is aiming to initially pitch its product at private healthcare in the UK, in an attempt to work up more interest in the system through showing a successful deployment. "The problem is in this country, that gives you a relatively small target," Parslow told EHI.
As the product is not healthcare specific, the company will also be targeting other industries where security is an important factor, namely the financial sector. The company may look at supplying to the Scottish and Welsh healthcare markets.
Hussein promised that the company’s enterprise single sign-on product would beat the prices of other similar security products on the market. "We will come in an order of magnitude below any other solution," he said.
Imprivata’s system is in place in a number of hospitals in the US, including the Laughlin Memorial Hospital, in Greeneville, Tennessee.
"The reality today is that managing passwords and accompanying policy is vital to any organisation and its employees," said Patrick Morely, CEO of Imprivata. He added: "On average our customers tell us that as much as thirty per cent of helpdesk call volumes are password-related requests."