Parisian Hospital boosts health data security and simplifies logistics thanks to inWebo SaaS MFA
TrustBuilder supports GHT Sud Val d’Oise – Nord Hauts de Seine, a Regional Hospital Group in the Parisian suburb, in the implementation of a safer, simpler and more productive digital environment. Discover how inWebo’s multifactor authentication SaaS MFA solution addresses the regulatory challenges of today’s healthcare industry while providing a more secure access to the information system and an easier login experience.
Sud Val d'Oise - Nord Hauts de Seine Regional Hospital Group
A collective strategy which helps users along their healthcare journey
The Hospital Group includes various establishments in the Paris area: care facilities, hospital complex and healthcare and advice clinics.
Gathered around a common strategy to serve all patients, the region’s public hospitals are committed to providing a secure, equal and coordinated healthcare and medical social response for everyone. They also aim to simplify the healthcare process and offer high-performance services that combine quality, consistency and innovation.
The information systems department: a key player in the digital transformation and the security issues related to access to health data
Antoine Guillot, Head of Information System Security and Data Protection Officer (DPO) of the Sud Val d’Oise – Nord Hauts de Seine Hospital Group shares his experience with inWebo multifactor authentication solution.
Antoine GuillotCISO and DPO, GHT Sud Val d’Oise – Nord Hauts de Seine
Project: Secure highly sensitive health data
The challenges in a nutshell...
Providing a level of security equivalent to the CPS card system
Now that the GDPR is applied, personal health data has officially the status of highly sensitive data, meaning access to it is being strictly regulated and ultra-secure. Thus, the protection of the health information system was one of the main triggers behind the project. “In order to access health data remotely in a more secure and reliable way, regulations require professionals to authenticate themselves, either via the CPS card (Health Professional Card) or an equivalent system, i.e. a multifactor authentication solution”. – Antoine Guillot.
Simplify remote access for the medical staff without the material constraints of the CPS card system
There are significant material constraints when having to authenticate using a CPS card. In order to access patients’ medical records remotely, and in the case of authentication via a CPS card, the professional will need to have a card reader with him/her. Hence, when on the move and wanting to connect to the IS from outside the establishment, the medical staff will have to transport both the CSP card and the card reader. Moreover, as Antoine Guillot points out, “equipment requires maintenance.” The Hospital Group therefore wanted to overcome these inconveniences and simplify the login process.
Carry out the “Hospitalization at Home” project (HAH - French acronym HAD)
“The French National Authority for Health – Haute Autorité de santé (HAS) – expected and required the group to carry out the project we call “Hospitalization at Home” (HAH – French acronym HAD), explains Antoine Guillot. This project involves hospitalization for patients who require continuous and coordinated medical and paramedical care, provided from their home, which presents numerous advantages for them. Cybersecurity is here a crucial issue that should not compromise the efficiency of the medical staff on site.
TrustBuilder.io MFA - a level of security equivalent to the healthcare card system (CPS) and an asset in the digital projects of Sud Val d'Oise - Nord Hauts de Seine Hospital Group
After an analysis of their needs, it appeared that multi-factor authentication would meet the Hospital challenges and TrustBuilder.io MFA ticked all the boxes. “We got to know inWebo through Sesan (French Digital Health Service), which is commissioned by the Ile-de-France Regional Health Agency to provide digital support to all organizations in the healthcare industry” reveals Antoine Guillot.
“We needed a software solution” underlines Antoine Guillot, “we were also looking to ease the connexion experience and avoid the material constraints of the CPS card system when having to connect from outside our establishments”. inWebo’s multifactor authentication secures the digital environment without any equipment constraints thanks to its SaaS mode and its multiple tokens including the Deviceless MFA, a unique feature on the market.
“inWebo MFA is extremely flexible” adds Antoine Guillot, “it integrates easily into the information system and can be deployed on all applications (VPN, Office 365, RDS, etc.)”. Indeed, as they were looking to cover several establishments, it was necessary for the IT department to select a universal solution that could be implemented in different contexts and on hundreds of applications. This also to provide users with a seamless and uniform login experience.
Results: health data security and simple logistics
inWebo MFA’s implementation was a success. In fact, the teams in charge were pleasantly surprised at how easy it was to integrate the solution.
Currently deployed on 100 people, the group will expand the scope of the solution to 1000 people by the first semester of 2021. “We have assisted end-users not only by presenting the solution and how it works, but also by guiding them in their initial enrollment” said Antoine Guillot.
With TrustBuilder, users can connect more easily and more rapidly to the medical file of a patient when working in a HAH situation. In addition, other medical professionals, such as radiologists who are on call at home, can connect securely and in a fluid way to their corporate tools/ services.