Currently the task of electronically accessing health information often means logging into multiple, disconnected networks, portals, or databases. This means that users (physicians, nurses, pharmacists, etc.) must maintain and remember unique login IDs and passwords for each data source they use.
These multiple safeguards create obvious productivity-draining issues, including forgotten login information, passwords that need to be recovered and reset, or auto-lockout after multiple failed login attempts. Also, there are security risks inherent in users writing down passwords or keeping them simple or identical to ease memorization. The issues multiply with each additional login and password combination that a user must maintain, creating additional security risks and potentially taking a health professional’s valuable time away from caring for patients.
Using one identity to access multiple networks
The idea of using one digital login ID/password combination to access multiple systems and networks has been gaining popularity in recent years. This ability to share one identity across multiple networks, web sites, or software applications is popularly called “Single Sign-On.” It gained immediate acceptance as patrons enjoyed the freedom from remembering so many unique login/password combinations.
In healthcare allowing individuals to use one login ID/password combination to access multiple systems is more complicated due to HIPAA laws and the sensitivity of protected health information, but it is still possible if the correct trust mechanisms are in place with the participating organizations.
The Single Sign-On use case increases security by simplifying a user’s access and reducing the overall number of identities a participant must manage. The primary goal is to establish a single trusted identity and set of attributes that can be used by an individual or service between trusted data sharing organizations.
Documents for this use case are shown below.
Use Case Summary:
Use Case Implementation Guide:
To participate in the Single Sign-On use case, or for any questions regarding these documents, please contact us.