SSO can be used both on the device and application levels. One example of SSO on the device level is multifactor tools such as those used in Microsoft 365 applications or when logging in to websites. At the application level, SSO might look like opening an app on a mobile device and already being logged in to a healthcare organization’s mobile device management (MDM) system, which is pushing out SSO on an app level. No additional passwords or multifactor authentication would be needed.
A major trend in healthcare is the push for more SSO on the application level. The increased adoption of shared devices is driving this need for a streamlined process. However, SSO implementation in healthcare requires several considerations.
Considerations for SSO Implementation in Healthcare
The growing use of apps is increasing the need for SSO in healthcare. Some organizations purchase 1,000 phones, which are passed off during shift changes. In the past, a clinician would have to login to up to three different apps, which didn’t take up too much of their time. However, now they may have to login to five to eight apps when picking up a device, which could take up to 15 minutes.
Automated SSO technology at an application level can solve this issue by allowing a clinician to enter their login information once and have it applied to all the organization’s relevant apps. For the best user experience, healthcare organizations need to consider how to automate the SSO process. Automation is much easier if a clinician has a mobile device that is never shared since profiles won’t need to be refreshed.
Shared devices are a growing trend in healthcare but using SSO for a shared device environment is more difficult. However, solutions such as Imprivata’s GroundControl can automate the process. A clinician can plug an Apple device into a docking station at the end of a shift and GroundControl will automatically reprovision the device involving SSO. Android handles this process differently. Instead, a clinician would tap the badge on the back of the device to sign in and out.
It’s important for healthcare organizations to ensure the apps they use support SSO. Despite having SSO frameworks available from companies such as Apple, there hasn’t been wide adoption and many healthcare companies are still using their own version of SSO that have other dependencies and can complicate how SSO is handled on an app level.
SSO is a highly evolving space and while not every application will support the type of experience a healthcare organization is looking for, there are many stopgaps that can be taken advantage of such as GroundControl and Imprivata’s AutoFill which automatically fills in login information when an application is opened. These are close steps to true SSO and reduce the keystrokes needed to log in, enhancing the user experience.
If a healthcare organization wants to implement SSO successfully, it’s also important to integrate the security team into deployment planning discussions. If implemented correctly, the security risk of SSO is low. The MDM is a critical tool to ensuring security as it can determine whether a device or network can be trusted.