RSA Security supplies largest Chicago hospitals with industry leading two-factor authentication

Bedford 30 August 2004Chicago-area hospitals are using RSA Security Inc.'s strong authentication solution to empower physicians with secure remote and mobile access to patient health information, reduce costs and protect patient privacy in compliance with the Health Insurance Portability and Accountability Act (HIPAA).


As a result of their deployment of RSA SecurID authentication technology, Chicago-area hospitals including Children's Memorial Hospital, Edward Hospital, John Stroger Hospital, MacNeal Hospital, Mercy Hospital, Northwestern Memorial Hospital and Rush University Medical Center are increasing physician productivity, improving administrative efficiency and helping to ensure the integrity of the hospitals' financial reporting systems.

Health care providers are continually looking for technology resources to reduce costs and increase standards of care. At the same time, these health care organisations (HCOs) need an efficient and secure way to control access to their applications and ensure that only authorized users are allowed to view confidential data. There are regulatory requirements established by the government mandating the protection of patient privacy and ensuring the security of health information.

Hospitals across the country are looking for ways to drive down costs to be more profitable while patients are demanding the highest level of privacy for their personal health information. As hospitals become more virtual and technologically advanced, they continue to look for solutions like RSA SecurID authentication that allow them to meet their business needs while considering the privacy demands of patients.

Children's Memorial Hospital (CMH) of Chicago, one of the largest children's hospitals in the country, needed to find a way to provide its mobile workforce with secure remote access to patient records, treatment information and academic research while conforming with federal, accreditation and financial reporting regulations. The hospital was having problems with remote password usage, and found it very costly to manage and reset passwords for mobile clinicians on a regular basis.

CMH turned to the RSA SecurID two-factor authentication solution. In conjunction with Citrix MetaFrame technology, the RSA SecurID solution gave physicians and nurses secure remote and mobile access to over 30 different applications. Using automated user provisioning through RSA SecurID Web Express software, CMH's IT staff was able to streamline the process of assigning tokens, increase office efficiency and reduce administrative costs.

"We found passwords to be the most expensive and insecure way to provide remote authentication. Helpdesk calls and password resets were out of control", stated Ron Isbell, Information Security administrator at CMH. "The RSA SecurID two-factor authentication solution provided our physicians and nurses with quick, easy and secure access to critical patient information in real-time while also decreasing the hospital's IT costs and helping us adhere to increasing regulations."

Northwestern Memorial Hospital, the largest single hospital in Illinois, turned to RSA Security to not only provide secure remote and mobile access, but also to assist in the hospital's plans for paperless systems. The hospital was developing a computerized physician order entry system to electronically enter patient health information and streamline the process for physicians to access critical patient data. It needed a way to publish sensitive applications for doctors to access while working in their home offices or traveling. Without a strong authentication solution in place, they were unable to access any patient information outside the walls of the hospital, leading to delays in reading lab results, ordering tests, writing prescriptions and viewing medical transcripts.

After examining a number of competitive offerings, Northwestern Memorial Hospital decided to deploy the RSA SecurID two-factor authentication solution. Within a short period of time, the hospital's computerized physician order entry system was transformed from concept to reality, while the simplified administration and centralized user management features led to a decrease in overall IT costs.

"As we make our transition to an electronic medical record system, Northwestern Memorial Hospital is committed to maintaining our patient's privacy", stated Rusty Sweet, manager of network and telecommunications technologies. "The RSA SecurID solution met the highest level of security standards set by Northwestern Memorial Hospital and by HIPAA compliance requirements relating to user authentication, authorization and data protection."

To attract and retain the most talented doctors, Edward Hospital, a full-service medical centre serving several communities west of Chicago, strives to provide the best possible work environment while using innovation to continually enhance the quality of patient care. The hospital had both of these goals in mind when it implemented a secure remote access solution based on RSA SecurID authentication and Citrix MetaFrame for Windows.

In the past, physicians had to request lab results over the phone and then wait while a staff member accessed the hospital's Meditech health information system to print and fax the relevant records. "With the RSA Security solution, we have been able to give physicians direct access to this information, allowing them to work more efficiently, and provide patients more timely, responsive care", stated Laura Bagus, Director of Technical Services and Help Desk for Edward Hospital.

"Health care organisations nationwide are using our solutions as part of their implementation of best practices in information security, and we are pleased to be able to offer our expertise to help with upcoming compliance deadlines as well as their on-going programme for the future", stated John Worrall, vice president of worldwide marketing at RSA Security.

RSA Security Inc. helps organisations protect private information and manage the identities of people and applications accessing and exchanging that information. RSA Security's portfolio of solutions, including identity and access management, secure mobile and remote access, secure enterprise access and secure transactions, are all designed to provide the most seamless e-security experience in the market.

The company's strong reputation is built on a history of ingenuity, leadership, proven technologies and more than 15.000 customers around the globe. Together with more than 1000 technology and integration partners, RSA Security inspires confidence in everyone to experience the power and promise of the Internet. More company news is available in the VMW February 2004 article Main Line Health selects RSA Security to help physicians improve productivity and protect sensitive patient records.

Leslie Versweyveld

[Medical IT News][Calendar][Virtual Medical Worlds Community][News on Advanced IT]