A group of Chicago’s largest hospitals has completed a series of mobile network infrastructure rollouts incorporating two-factor authentication security to provide doctors with secure remote access to highly sensitive patient health information.
The organisations - including Children's Memorial Hospital (CMH), Edward Hospital, John Stroger Hospital, MacNeal Hospital, Mercy Hospital, Northwestern Memorial Hospital and Rush University Medical Center - said the move was designed to reduce costs, boost physician productivity and protect patient privacy in compliance with the Health Insurance Portability and Accountability Act (HIPAA).
CMH, one of the largest children's hospitals in the US, needed to revamp its remote access services after its administration of remote passwords got "out of control", making it very costly to manage access for mobile clinicians on a regular basis.
"We found passwords to be the most expensive and insecure way to provide remote authentication. Helpdesk calls and password resets were out of control," said Ron Isbell, Information Security administrator at CMH.
The hospital selected a system based on RSA's SecurID two-factor authentication offering in conjunction with Citrix MetaFrame thin client technology to give physicians and nurses secure remote access to over 30 different applications.
Using automated user provisioning through RSA's SecurID Web Express software, CMH's IT staff said they were able to more efficiently assign tokens so reducing administrative costs, while at the same time meeting the HIPAA requirements for patient privacy.