In healthcare, identity has always been a critical asset. But today, the cybersecurity stakes have never been higher, with more attacks targeting identity and greater compliance risks resulting from new regulations. Healthcare organizations need to navigate these vulnerabilities and make highly-sensitive information available so that doctors, nurses, and clinicians can provide quality patient care.
Just as important as sharing all that information with the right users is keeping it from the wrong ones. In the U.S., failing to maintain the security of medical records could result in a violation of the Health Insurance Portability and Accountability Act (HIPAA). And those violations can be costly: the Health and Human Services Office for Civil Rights (OCR) has imposed more than $133 million in fines related to HIPAA violations.
Many healthcare providers rely on Epic electronic health records (EHR) to manage their information and deliver quality patient care. The Wisconsin-based software company provides an EHR system that hospitals use to manage medical templates, referrals, and records for more than 280 million patients—or about 60 percent of patients in the U.S.
So when Epic announced that it intended to replace its end-user application, Hyperspace, with a new system, called Hyperdrive, that change could have led to significant risk for many healthcare organizations: most healthcare providers had built workflows in Hyperspace that were enabled through integrations with third-party products.
To account for the transition, healthcare providers needed to plan for the Epic Systems update, manage their third-party integrations, and prepare their users for the new platform.
For years, hospitals, medical centers, and healthcare providers have turned to RSA to secure access for their employees, patients, and users. Many of these healthcare organizations relied on a RSA multi-factor authentication (MFA) technology integration to secure access to Epic Hyperspace.
My team and I knew that the switch from Hyperspace to Hyperdrive could create disruptions for our customers in managing their identity and authentication risks. That’s why we developed a new technology integration that’s fully compatible with Hyperdrive to help our healthcare customers stay secure, stay compliant with HIPAA, and ensure that Epic users could access their medical records whenever they needed them.
The new RSA Hyperdrive integration uses a REST-based MFA Agent for stronger authentication options. RSA customers will need to deploy this new Hyperdrive Agent to secure logins and workflows that require step-up authentication.
We’ve taken great care to build an Agent that supports every workflow within Hyperdrive and doesn’t cause any disruptions, because doctors and patients need these records to coordinate the best patient care. Our Agent secures those workflows without creating unnecessary friction.
Customers can find more information about the initial Hyperdrive Agent at RSAコミュニティ. We’ll continue making improvements to the Agent, including expanded support for cloud deployments in addition to on-premises environments. And future updates will include push-to-approve and biometric authentication options.
Ultimately, supporting more deployment use cases and authentication capabilities will help our healthcare customers pursue their digital transformation agenda however works best for them. Whether our customers use Hyperdrive in on-premises, hybrid/cloud, or multicloud deployments, RSA will support them.
###
See the Product Advisory on RSA Community for more information.
