Oxford University Hospitals NHS Trust has extended its use of Imprivata’s single sign-on solution to support its virtual desktop infrastructure.
The trust, which first implemented Imprivata OneSign in 2008, has deployed ‘no click access’ functionality, which lets users log into the trust’s virtual desktop by tapping their NHS smartcards on a reader and entering a secure PIN.
This automatically launches the desktop on any hospital computer, and logs the user into the trust’s systems and applications.
Dr Paul Altmann, the trust’s chief clinical information officer, said in a case study issued by the company, that it was vital for clinicians to be able to log-in quickly.
“We needed a secure single point of access to both the virtual desktop and the applications therein without disrupting workflows,” he said.
“This was essential for clinicians who rightly focus on patient care as their absolute priority, and who therefore need to have the most unobtrusive IT and security systems in place to support high quality care.”
The trust used Imprivata’s open application programming interface to inegrate with its Quest vWorkspace virtual desktop infrastructure.
“We were happy with how Quest vWorkspace was working for us, and the ability to tailor Imprivata’s solution to fit that jigsaw was really essential to this project from an IT management and budget perspective,” said Dr Altmann.
Using the ‘tap and go’ solution, clinicians can access the trust’s Millennium EPR, PACS and other applications until they tap their card again to suspend their session.
To authenticate to Spine applications, however, users have to insert the card into a reader. When the card is removed from the reader, the Spine session is disconnected.
When a clinician moves to another computer and logs in, the session is launched automatically as it was left running on the previous desktop.
“Staff in the A&E department are constantly using different workstations,” said Dr Altmann.
“The work we have done with Imprivata gives our staff the mobility needed to securely access sensitive patient information at the point of care, without having to endure a complicated login process repeatedly throughout their shifts.”