Smart card secures the IT environment and simplifies working life
Helse Vest ICT
Helse Vest is one of four health regions in Norway, directly subordinate to the Health and Welfare Department. Helse Vest has 26,900 employees at 50 hospitals and care institutions with overall responsibility for just over one million inhabitants in Rogaland, Hordaland and Sogn og Fjordane. Within Helse Vest, the IT company Helse Vest IKT works to continuously improve IT security in care. And simultaneously offer the employees a smooth and flexible working environment. In order to meet both these needs, Helse Vest decided as early as 2011 to introduce smart card based log in. Today Helse Vest Net uses iD Enterprise from SecMaker to improve IT security and increase flexibility.
Smart multi-function cards are simplifying working life
Previously the nursing staff needed several different cards: for entry, personal identification and IT log in. Today the employees use a single card. With their personal card and PIN code, the employees obtain access to both buildings and IT environment with all services and information to which they have authorisation. The same card is also used for so called ”follow-me-printing”. The document is not printed out until the user has identified him/herself with their card in the printer. This means that no paper, which can contain sensitive patient information, is left at the printer. Nils Jensson, PKI- and security expert within Helse Vest says:
- Regardless of where the staff are situated in the hospital, a single card gives them access to the premises, the systems and the information they need to be able to provide excellent care. One card and one PIN code – it couldn’t be simpler!
Secure and simple login
All smart cards have a certificate with information about the user and his or her authorisations. Most users only have a simple log in certificate, but almost 8,000 users also have an advanced certificate which gives them authorisation to print out and sign e-prescriptions.
Staff with advanced certificates have to log in and authenticate themselves in the IT environment with card and PIN. The same applies for all users with portable PCs. Other nursing staff have free choice of log in method.
- We have selected the soft route and allowed the users to choose themselves whether they want to log in with user name and password or with smart card and PIN. There is always a risk of users who log in with a password not logging out when they leave their workstation. Smart cards remove that risk, as the session ” ends automatically when the card is removed from the reader. We would consequently like to see more employees choosing smart card based log in. I believe that as they realise the advantages and the simplicity, increasing numbers will select smart card, Nils Jensson says.
Helse Vest has established its own PKI infrastructure and manages the simple certificates entirely internally through its own administration portal. The advanced certificate can also be managed through the same portal, but needs to be signed by the security company Buypass as authorised issuer.
More collaboration, more mobility
The national e-health project, Kjernejournal, has now commenced. Healthcare staff throughout the country will have fast and simple access to comprehensive information about patients in acute situations, wherever they are located and wherever they originally belong. A national set of ”core case records” will place requirements on standardisation of advanced certificates for all users. The infrastructure and procedures for certificate management that Helse Vest has established mean that Helse Vest is well prepared when the time arrives for the national roll out. A key issue for Helse Vest is to improve flexibility for mobile employees:
- We have previously already offered the option of logging in from portable computers, primarily to doctors, which has significantly increased their flexibility. A natural next step is to provide users with mobile tablets with the same option.
As we have Windows as standard throughout the IT environment, we have had to wait for smart card support for Windows-based tablets. The launch of Windows 8 in 2015 gave us the opportunity to (in the future) offer smooth and secure log in with the same smart card for tablets too, Nils Jensson concludes.
Regardless of where the staff are situated in the hospital, a single card gives them access to the premises, the systems and the information they need to be able to provide excellent care.
PKI- and security expert
Which solution is suits you?
We will guide you and give you arguments.