Identity management within Hospitals cluster The GHT (Hospitals cluster in France), created by the Health Act 2016, bring together several hospitals in the same region in order to strengthen their collaboration. This involves, in particular, a shared management of hospital staff, but also the gradual unification of the Information Systems (IS) of hospitals in the same hospitals cluster. Identity management is one of the first building blocks to be implemented as part of IS merge, which must then adapt to a multi-LE (multi legal entity) context. Characteristics of Hospitals cluster In the context of GHT, the upstream provisioning will use data from several HR repositories (one per entity) to create and synchronize a single repository to manage users’ application permissions. Caregivers may have several contracts with different entities within the same Hospitals cluster. In fact, they will be imported several times into the digital identity management and target authorization management solution. Therefore, it is necessary to merge identities from several HR databases corresponding to the same person. However, several institutions may use homonyms. It is therefore necessary to be careful not to merge these homonyms under the same identity. Digital identities and authorizations management solutions must therefore adapt to this specific and relatively recent situation by providing a module dedicated to Hospitals cluster. In order to address these issues, the Systancia Identity solution, formerly Avencis Hpliance, includes a module adapted to these use cases : Merging multiple identities for the same person from several HR databases (several entities) and managing homonyms. An identity verification procedure is performed when importing users. In case of homonymy, a workflow is triggered to decide whether it is a unique person or not.Managing people working in different entities with different missions and roles depending on the entity (contract concept). A contract manages a link between an identity and an organization. It defines this link with information such as the profession, rank, function, or start and end dates of the contract. For example, a physician may have a management role in one institution and a surgeon role in another. The contract can also be used in the authorization rules to assign different authorizations based on the profession/rank/function/ … defined in the contract.The management, for each entity, of its own directory and the definition of its authorization rules is made possible thanks to the administration delegation module.Moreover, it is possible to create one tree per organization (one organizational tree per hospital and optionally one geographical tree per hospital). The administration of authorization rules of a given tree can be delegated to the hospital or centralized in a global structure of the Hospitals cluster. The IGA at the service of staff and patients While IGA (Identity and Governance Administration) solutions must be adapted to Hospitals cluster to take into account the specificities of this type of organization, the main interest of implementing such a solution within a Hospitals cluster is to allow different entities to communicate and to understand each other. Health professionals, who can operate in several hospitals of the Hospitals cluster, must be able to easily access the information they need (including patient records or the availability of equipment) as well as to collaborate easily with their colleagues (for example, by being able to quickly identify physicians based on their specific skills). All this will be made possible by the progressive merge of Information Systems of hospitals from the same Hospitals cluster, with the IGA as the cornerstone. This convergence and homogenization of the IS of the same Hospitals cluster, which must be fully effective by the 1st of January 2021 [01], will also allow patients to benefit from a better care offer. They will benefit from a coordinated management between the different health care providers of the Hospitals cluster. From a financial point of view, costs are kept under control since the merge of the Hospitals cluster IS allows small health care institutions to benefit from the same IGA equipment as those deployed in the largest hospital of the Hospitals cluster. From a regulatory point of view, as part of the security of health information systems (PGSSI-S), hospitals, and therefore Hospitals cluster, are subject to strict obligations in terms of data privacy/IS security, which cannot be achieved without IGA. Discover Systancia Identity References [01] Implementing convergent information systems
How to best respond to Privileged Access Management regulations & directives PAM cybersecurity regulations
Digital Confidence Management of privileged accounts: 5 key recommendations to protect your Information System