It can be frustrating to remember multiple passwords for different computer applications. Not to mention the fact that as a clinician it is very time consuming logging in and out of applications over and over, especially if you have to look up the patient every time.  Instead of struggling to remember the different user names and passwords, there is now an easy way to manage multiple logins with a single-sign on product (SSO). A SSO server stores these different passwords in a safe database and makes it available to the user (typically physician or nurse) transparently during the login process. The end result is that the user has to sign in just once.

Advantages of a Single Sign On product

SSO products offer benefits to both users as well as organizations. End users have to remember only one password instead of multiple details for different applications. This eliminates the need for users to resort to unsecure practices such as writing their passwords in visible areas where it is accessible to other users. Also, they are required to log in only once a day, and this offers easier and quicker access to all clinical applications and data.

For organizations, opting for a SSO product reduces operational costs, as they do not have to spend time and money on retrieving forgotten passwords for employees. Furthermore, from a security point of view, SSO systems are easier for the management and IT team to protect, update and secure data. For example, restrictions on a minimum password length and special character can be imposed, users can be ‘locked out’ of their account after several unsuccessful attempts; and reset their passwords at regular intervals, inactivity session timeouts can be enforced, and so on.

Maneuvering the EMR is often much easier with a SSO, especially when you have different applications holding different patient information.  Systems like Meditech and AllScripts have single sign on interfaces, but even with these systems, you need to have a different login for things like PACS, ECM, ERP, etc.  SSO simplifies the process for the provider considerably.  An SSO typically handles “user-context” (the interface to the user of the computer), but may also handle “patient-context” (the ability to look up the patient in each of your applications instead of the physician or nurse looking them up).  We will cover patient context in another article, but it is a feature to watch for.

Desirable features of SSO

A SSO system should be integrated into the company’s IT structure and be able to accommodate the number of users in the system. Some of the important features you should look for in a SSO system are: personalized options for user customization, authentication of users by the use of smart cards along with password protection, encrypted algorithms, digital ID or signatures, central management console to protect multiple servers, and logging auditing features to name a few.  Additional features should include multiple ways to leverage the sign on, such as RFID cards or biometrics.  Many SSO systems have added functionality that allows the provider to sign on to the system with a simple tap of a card or a fingerprint swipe, rather than a long annoying password.

Types of a Single Sign On product

There are typically two types of single sign-on products– enterprise and web. Enterprise SSO includes smart cards and biometric identification that can be used by the end user to authenticate their identity, after which all their applications are automatically logged into. Web SSO uses a web portal for authentication with a single user name and password, and this enables the user to run the different applications thereafter. The type of SSO chosen depends on the infrastructure of an organization and applications used.

Criticism of SSO

Since the single sign-on process enables the user to access many applications and resources, it increases the chances of misuse in case the password is hacked by an unauthorized person. Companies thus have to invest in strong authentication methods and take extra measures to secure the SSO process. Moreover, in case of a network failure, access to all applications under the SSO system may be denied (be sure to know how downtime procedures work for SSO). Thus, some important applications have to be excluded from the centralized SSO system and managed separately.

However, all said and done, the SSO system adds to the security and efficiency, and is worth the cost and effort in the long run.

If you are looking for a physician efficiency tool, you need to pay attention to SSO options.

Learn more about one of the industry leading Single Sign On products: Imprivata