Main Line Health selects RSA Security to help physicians improve productivity and protect sensitive patient records

Bedford 05 January 2004Main Line Health, one of the largest health care providers in Southeastern Pennsylvania, is using RSA Security's RSA SecurID two-factor authentication solution to help comply with HIPAA requirements for ensuring patient privacy and security of health information. The RSA SecurID solution, combined with a NetScreen Technologies Inc. SSL VPN, reduces hospital costs and improves productivity for more than 500 doctors and medical specialists at Main Line Health by allowing secure access to clinical information. Medical staff can view test or lab results and patient records over a high-speed Internet connection anytime, anywhere, while preserving the privacy and integrity of patients' personal data.


Main Line Health includes Bryn Mawr, Lankenau, and Paoli Hospitals; Bryn Mawr Rehabilitation Hospital; the Home Care Network; Main Line Clinical Labs; and other related health care entities. The organisation's initial use of the RSA SecurID solution focused on physicians who wanted remote access to the clinical information system, and later was expanded to include access to other Web-based applications such as digital imaging (PACS) and foetal monitoring systems. This has greatly enhanced the ability for the physicians to access time sensitive information from their homes and offices, and to quickly respond to the needs of their patients.

Given the confidentiality of patient data being exchanged over the Internet, Main Line Health needed a system that could provide a high level of assurance regarding the identities of medical personnel to avoid any unauthorized disclosures of information. Protecting patient privacy and securing data are requirements of the Health Insurance Portability and Accountability Act (HIPAA) Privacy and Security regulations. As part of meeting these standards, health care organisations are applying best practices in health care information security, including the use of two-factor authentication for physicians who are remotely accessing protected health information over a network.

The NetScreen-SA Series SSL VPN appliance is a plug-and-play secure access device that requires no desktop client software to download or manage, and no changes to the user's internal servers. NetScreen's SSL VPN helps health care organisations provide electronic access to protected health information and applications while complying with HIPAA's security and privacy regulations in areas such as authentication, encryption, and access and audit controls. The SSL VPN supports extremely granular access controls to the URL and/or file level, so only those with a legitimate authorized need to access specific resources can do so. Netscreen is also certified as a member of the RSA Secured Partner Programme.

"The combined NetScreen and RSA Security solution provides our health care customers, such as Main Line Health, with the broadest range of access and security options to address the access needs to private information for these mobile user communities", stated Jason Matlof, vice president of marketing for NetScreen's secure access products. "In addition to meeting the security requirements of the organisation, we also help lower the cost of ownership of providing secure remote access by greatly reducing support needs."

John Kelly, director of technology for Main Line Health, stated: "The physicians associated with Main Line Health are more efficient now since they have 24/7 access to patient information. The ability for us to easily provide our physicians with secure remote access to systems that can save them time and money, allows us to more effectively compete with other health care providers. Patients expect to get medical information, such as test results, quickly. Our goal is to make sure that critical information is securely accessible to the doctors who can turn around in real-time and provide that information to their patients."

The RSA SecurID system is a two-factor user authentication solution, relied upon by thousands of organisations worldwide to protect valuable network resources. Used in conjunction with RSA ACE/Server software, a RSA SecurID authenticator functions like an ATM card for the network, requiring users to identify themselves with two unique factors, something they know and something they have, before they are granted access. More than 15 million people around the world use RSA SecurID authenticators to securely access VPN and remote access applications, Web servers and applications, network operating systems and more in both wired and wireless environments.

"Effective identity and access management starts with knowing who a person is before allowing them to access a network, so simple passwords are far too inferior for protecting network-based resources in any environment, but especially in health care", stated John Worrall vice president worldwide marketing at RSA Security. "Authentication is the cornerstone because it provides users with their digital identity. In the on-line world, the proof of an identity allows organisations to establish trust and grant users secure access to proprietary applications and documents."

Main Line Health, formed in January 1985, consists of three acute care hospitals: Bryn Mawr, Lankenau and Paoli Memorial; Bryn Mawr Rehab; Main Line Clinical Laboratories; Lankenau Institute of Medical Research; Great Valley Health, a physician network; and the Wayne Center, a skilled nursing facility. The mission of Main Line Health is to provide a comprehensive range of health services, complemented by appropriate educational and research activities, that meet community needs and improve the quality of life in the communities it serves.

With more than 13.000 customers around the globe, RSA Security provides interoperable solutions for establishing on-line identities, access rights and privileges for people, applications and devices. Built to work seamlessly and transparently in complex environments, the company's comprehensive portfolio of identity and access management solutions, including authentication, Web access management and developer solutions, is designed to allow customers to confidently exploit new technologies for competitive advantage. RSA Security's strong reputation is built on its history of ingenuity and leadership, proven technologies and long-standing relationships with more than 1000 technology partners.

Leslie Versweyveld

[Medical IT News][Calendar][Virtual Medical Worlds Community][News on Advanced IT]