Identity and Access Management

 

Are you exploiting Identity and Access Management technologies to radically increase information governance compliance capability more cost effectively?

Identity Management is a business critical component of information governance. Almost every aspect of compliance depends on identify management, from identifying owners of IG process and procedures, to those responsible for the management of information assets through to identifying information users and purpose for which the information is used.

Across the NHS there are a wide range of operational systems employed day to day. The consistent, timely and appropriate range of identity and access rights management across all systems with current manual methods is costly, error prone and unnecessarily increases the cost and complexity of privacy audit and FOI subject access requests.

Readily available electronic identity and access management systems significantly increase reliability and consistency whilst reducing operating costs in the delivery of significant business benefits. Such benefits include:

  • Level 3 attainment of IG toolkit requirement 8-206.
  • Automated provisioning and user account management (Integration with NHS Electronic Staff Record (ESR) and third party staff management systems), facilitating starters, leavers and changes to user roles and functions at the network level i.e. Microsoft Windows and Active Directory.
  • Deep provisioning: the creation and management of user accounts in business applications i.e. operational systems and database applications.
  • Facilitating more reliable setting of access rights and permissions, optionally employing NHS Role Based Access Control (RBAC) methods.
  • Single Sign-on, providing simplified access to operational systems and business applications i.e. automatically handling information and operational application logon requests once, greatly simplifying clinician access to, and interaction with, operational clinical systems.
  • Integration of two factor / strong authentication, incorporating integration of NHS Smartcards and Registration Authority national application access control.
  • Self Service Password Management, providing users with the ability to manage password resets, removing the need to contact the service desk

The Thinking People will help you to qualify your requirements and identify the best solutions going forward, drawing on an extensive range of NHS specialist expert knowledge and experience. In deployment, we employ an agile step change and best of breed approach to substantially reduce the risk of a large scale user identity and authentication management processes change, ensuring that each stage delivers quantifiable and realisable benefits and return on investment, and proper set up for the next step of service enhancement.

If you would like to read more about our Identity and Access Management solutions click on the image below.

Alternatively, contact us for a free consultation to explore the range of identity management solutions options and establish your first step.