Combo of single sign-on and virtualization pays big dividends at hospital

Southwest Washington Medical Center gets quick payback from Imprivata and SoftGrid implementations

It’s a technology that many companies still find elusive, but single sign-on (SSO) is working as promised at Southwest Washington Medical Center (SWMC), while delivering a return on investment in just eight months. As a bonus, the SSO project also prompted the company to delve into virtualization technology, which is saving the firm some 20% on server resources along with heating, electricity and support costs.

The Vancouver, Wash.-based SWMC embarked on its SSO project to reduce the “hassle factor” for the 6,000 users that log on to an average of six to 12 applications per day, according to Christopher Paidhrin, CSO for the firm. During a session at the recent Network World IT Roadmap Conference & Expo in San Francisco, Paidhrin told attendees that SSO saves 15 to 30 seconds per logon, or roughly five minutes per day per employee – paying for the $100,000 price tab of the project in just eight months.

To continue reading, register here and become an Insider. You'll get free access to premium content from CIO, Computerworld, CSO, InfoWorld, and Network World. See more Insider content or sign in.

It’s a technology that many companies still find elusive, but single sign-on (SSO) is working as promised at Southwest Washington Medical Center (SWMC), while delivering a return on investment in just eight months. As a bonus, the SSO project also prompted the company to delve into virtualization technology, which is saving the firm some 20% on server resources along with heating, electricity and support costs.

Click to see: Christopher Paidhrin

The Vancouver, Wash.-based SWMC embarked on its SSO project to reduce the “hassle factor” for the 6,000 users that log on to an average of six to 12 applications per day, according to Christopher Paidhrin, CSO for the firm. During a session at the recent Network World IT Roadmap Conference & Expo in San Francisco, Paidhrin told attendees that SSO saves 15 to 30 seconds per logon, or roughly five minutes per day per employee – paying for the $100,000 price tab of the project in just eight months.

See a video from the show.

The SSO project, which involved implementation of the Imprivata OneSign appliance, was impressive enough on its own to earn SWMC a Network World All-Star Award. But during his IT Roadmap presentation, and in a follow-up interview, Paidhrin also expounded on the virtualization angle of the project. That involved implementation of the Softricity (now Microsoft) SoftGrid application virtualization platform, which reduced the number of Citrix servers required to provision applications for some 2,500 remote users while simplifying provisioning for internal users as well.

Driving the need

SWMC’s quest for SSO began in early 2005, driven by business and IT considerations. Reducing the hassle factor was important not only from a business productivity standpoint but also a competitive one, Paidhrin says. “Physicians work in a highly competitive environment and there’s competition right down the street,” he says, referring to the hospital eight miles away. Making their logon experience as seamless as possible can help encourage physicians to bring their patients to SWMC instead of another facility.

From an IT perspective, Paidhrin was looking to gain centralized control over all access management. And of course the medical center had to comply with regulations, including HIPAA and the Joint Commission on Accreditation of Healthcare Information Management requirements.

“There are 45 technical HIPAA elements, and single sign-on alone fully addresses eight and somewhat addresses 15 of them, at least as implemented in the Imprivata product. That gets us most of the way to our technical compliance,” Paidhrin says.

Selection and implementation

SWMC spent nine months researching SSO products before settling on Imprivata OneSign. The company looked at players both large and small, including Novell, IBM, CA and Sentillion. Many solutions were “very nice, but very expensive,” Paidhrin says.

Ultimately, Imprivata proved to be a good fit because it cost less than some competitors and could deal with multiple back-end sources of authentication information. That was important because SWMC, while on its way to migrating to Microsoft Active Directory as its sole source of authentication data, in the meantime had to deal with data stored in Novell NDS, a RADIUS server and a couple of proprietary healthcare-specific data stores.