Ensuring secure, role-based access and saving time with Imprivata Identity Governance

Key facts

Industry: Healthcare

EHR: Cerner Millenium

Employees: 11,000

Beds: 1,176


  • Manual, time-consuming provisioning processes
  • Decentralized provisioning environment
  • Frustrating workflows for IS team members, clinicians, and managers


  • Time savings due to automated provisioning processes
  • Fast, secure, role-based access for clinicians
  • Simplified auditing and reporting

Northern Light Health is a 1,176-bed integrated health delivery system that serves the state of Maine. Northern Light aims to partner with individuals and communities to improve health and well-being by providing high-quality, cost effective services.

The team at Northern Light knew that being able to provide high-quality care was reliant on one basic principle – allowing Northern Light clinicians to do their jobs, quickly, efficiently, and starting from their very first day. But without an automated process for provisioning of precise, role-based access, ensuring that clinicians always had the access they needed was a manual and arduous process.

“Every time a new staff member started at Northern Light, they’d need to be provisioned for access to systems and applications. Granting the right personnel access to the right applications was a manual process where numerous emails would need to be sent to multiple teams before a user could even be granted access to necessary applications,” says Michael Ropiak, Data Security Analyst at Northern Light. “With no centralized provisioning process to support the multiple teams at Northern Light that oversaw system access for different departments, inefficiency became a major challenge.”

In order to ensure clinicians and other staff had appropriate, and timely, access to the systems and applications they needed to deliver quality patient care, the team at Northern Light needed a solution that would:

  • Automate the user provisioning processes
  • Ensure fast, secure, role-based access to systems and applications
  • Allow for hundreds of specific roles to be created
  • Reduce IT costs by replacing burdensome, slow, and error-prone manual administering of user accounts
  • Gain a better handle on timely termination of user accounts when staff members were no longer at Northern Light

With those needs in mind, the team at Northern Light started to look for a comprehensive solution that would address their challenges.

The solution

After determining the need for an identity and access management solution, Northern Light turned to Imprivata Identity Governance™, an end-to end solution purpose-built for healthcare with precise role-based access controls, automated provisioning and de-provisioning, streamlined auditing processes, and analytics that enable faster threat evaluation and remediation.

“With Imprivata Identity Governance, we can easily provision users when they first join the hospital,” says Leah Dorman, Information Systems Security Analyst at Northern Light. “When employees are added to our HR system, they’re assigned a role through Imprivata Identity Governance where each role has been mapped to their job code. The solution enables us to automatically grant users access to applications and systems associated with each role. In fact, we continue to add more applications for automating user provisioning.”

With Imprivata Identity Governance implemented at Northern Light, once a new user is provisioned, their manager receives an email to let them know that they’ve been set up with a specified list of applications – a process that is drastically simplified. Now, unless a user needs additional access that isn’t included within their specific role, the process is as easy as notifying a manager that a user has been provisioned. 

“From an end user perspective, that means that when they get their user ID at orientation, they will already have access to all of the systems and applications they need,” says Dorman.

Ensuring fast, No Click Access

The team at Northern Light knew that giving clinicians fast, secure, role-based access to systems and applications was only half the battle. To ensure the delivery of high-quality care, clinicians also had to be able to access what they needed quickly. To provide clinicians with fast, secure, No Click Access to the systems and applications for which they had been provisioned, Northern Light deployed Imprivata OneSign®. With Imprivata OneSign, clinicians at Northern Light could quickly and securely access all the technologies and information they needed.

“By ensuring fast, secure single sign-on with Imprivata OneSign, we’ve empowered our end-users to do their jobs,” says Shawn McCrum, Manager of Identity and Access Management at Northern Light. “Not only do clinicians get access to the applications that they need, but they can use their badges to quickly and easily access the workstations across our facility.”

Integrated IAM solution

Northern Light relies on Imprivata for a comprehensive identity and access management (IAM) solution, comprised of Imprivata Identity Governance, Imprivata OneSign, and Imprivata Confirm ID™ for electronic prescribing of controlled substances. By combining automated identity management with enterprise single sign-on and authentication management, Northern Light has:

  • Reduced IT costs and help desk calls
  • Increased data security and auditing processes
  • Shifted clinician focus to providing high-quality care, instead of dealing with technology


With Imprivata Identity Governance in place, the team at Northern Light has continued to work with specific departments and managers to determine what kinds of roles are needed. Thus far, they have seen a decrease in the number of manual provisioning processes needed and an increase in automated processes. 

Their end goal, McCrum says, is to move all access requests over to a role-based model, which will save the IS teams time and ensure that clinicians are up-and-running as soon as possible.

“With Imprivata Identity Governance in place,” says McCrum, “we’ve seen huge time savings due to the reduction of manual processes, and we’ve ensured that clinicians receive fast and secure access to applications and systems."