RSA Security partners with Siemens Medical, Citrix, and M.D. Anderson Cancer Center

Bedford 22 April 2002RSA Security Inc. is working with Siemens Medical Solutions Health Services Corporation to provide Siemens customers with security solutions that authenticate authorised users and govern access to its software applications hosted from Siemens' Malvern, Pennsylvania-based information services centre. In addition, the University of Texas M.D. Anderson Cancer Center in Houston, Texas selected RSA Security as its strategic partner to help enable secure health care operations and facilitate e-health initiatives. And Providence Health System has added RSA SecurID to Citrix NFuse Classic and Citrix Secure Gateway allowing secure access to critical patient information via the Internet.


Siemens Medical Solutions Health Services is an application service provider (ASP), hosting health care applications such as registration, financial and clinical systems to more than 1000 health organisations. The company is now providing RSA SecurID authenticators to more than 11.000 users of its health care systems, offering them secure Internet access to mission-critical applications and patient information hosted by Siemens.

Siemens is also using RSA SecurID authenticators for more than 4000 internal employees to securely access corporate applications in conjunction with their Cisco virtual private network (VPN), helping to ensure only authorised users gain entry to networks and confidential health care information. The information is all managed by RSA ACE/Server 5.0 software, a robust authentication server which is designed to scale to protect remote access, VPN, and e-business applications across the enterprise.

The ASP model is designed to allow virtual integration of multiple applications across disparate locations, providing real time access to systems and information from doctors in Boston to clinicians in Seattle. Health care workers can also use secure e-mail to communicate with labs and patients, and hospitals and labs can automate processes with suppliers.

RSA SecurID software is a two-factor user authentication solution to protect valuable network resources. RSA SecurID software requires users to identify themselves with two unique factors: something they know, such as a password, and something they have, such as a token, before they are granted access. Each end user is assigned an RSA SecurID token which generates a new, unpredictable code every 60 seconds. The user combines this number with a secret PIN to log into protected resources.

With the increased demand to meet patient confidentiality needs in the health care industry, M.D. Anderson chose RSA Keon UnixControl software to strengthen its internal UNIX infrastructure. The RSA Keon solution provided the proper tools to heighten the level of user-based authentication, control access to system resources, and enhance accountability. M.D. Anderson Cancer Center is devoted exclusively to cancer patient care, research, education, and prevention. It helps to facilitate research to combat cancer by allowing secure channels for researchers to work with other researchers worldwide.

M.D. Anderson has a robust and growing need to meet customer demands for secure access to sensitive cancer health care information. RSA Keon UnixControl software, a comprehensive security management system for mixed UNIX environments, has helped enable M.D. Anderson to centrally implement, enforce, and audit a precise security policy. It has also saved the company time and money by streamlining server account management, which has allowed server administrators to delegate management functions and do other important tasks.

In addition, the federal Health Insurance Portability and Accountability Act (HIPAA), a comprehensive law guiding the development of electronic data interchange (EDI) for specified administrative and financial health care transactions, is also driving the need to protect patient data. While not yet finalised, it is clear that HIPAA regulations may change the way patient health care information is managed. M.D. Anderson's relationship with RSA Security allows for advanced security capabilities so that M.D. Anderson continues to have confidentiality, integrity, and availability on its intranet and also remains ahead of regulations and HIPAA mandates.

Citrix Systems Inc., specialised in virtual workplace software and services, has extended its relationship with RSA Security to enable customers to simply and securely deliver business-critical applications over the Internet, on demand, from any device. RSA Security has certified Citrix Secure Gateway (CSG) and Citrix NFuse Classic portal software as "RSA Secured RSA SecurID Ready" for use with the RSA SecurID family. Through this partnership, RSA Security and Citrix are providing office mobility to joint customers who require remote access to centralised, sensitive information in order to improve their operations while protecting network infrastructure, data, and applications.

"Our doctors are spread across the state, and we need a secure method of accessing patients' critical information on many different applications at a moment's notice", stated Dr. Richard Gibson, chief medical information officer at Providence Health System. "Adding RSA SecurID to Citrix NFuse Classic and Citrix Secure Gateway allows us to securely access this critical information via the Internet. It also enables us to authenticate users and deliver encrypted applications through a simple Web interface, giving doctors the ability to retrieve records of patients from any location and saving time by not requiring the need to learn a new application."

CSG functions as a secure Internet gateway between servers running Citrix MetaFrame and Citrix Independent Computing Architecture (ICA) enabled client devices, allowing mobile employees to access information and applications from any Web browser. Citrix solutions for workforce mobility extend access to a company's networked resources beyond the traditional office environment to anywhere, on any device, over any connection. All data transferred between the client workstation and the CSG server is encrypted, ensuring privacy and integrity of information flow.

NFuse Classic provides organisations like Providence Health System with the ability to integrate and publish standard Windows, UNIX, and Java applications into any Web portal instantly without any code rewrites. Working in conjunction with MetaFrame, NFuse Classic provides companies with greater manageability and lower costs through centralised application deployment and management. To provide additional security to this solution, access to the Citrix environment can be protected using RSA SecurID strong, two-factor authentication. By protecting the NFuse Classic Web server with an RSA SecurID Web Agent, users will only be granted access to the Citrix environment after a single successful authentication attempt to the RSA ACE/Server software.

RSA Security Inc. helps organisations build trusted e-business processes through its RSA SecurID two-factor authentication, RSA ClearTrust Web access management, RSA BSAFE encryption, and RSA Keon digital certificate management product families. With approximately one billion RSA BSAFE-enabled applications in use worldwide, more than 12 million RSA SecurID authentication users and almost 20 years of industry experience, RSA Security has the innovative technology to address the changing security needs of e-business.

Leslie Versweyveld

[Medical IT News][Calendar][Virtual Medical Worlds Community][News on Advanced IT]