websights Healthcare Customer Story: the SaaS MFA for data security and simple logistics

Looking for inwebo.com? You are in the right place! Read all about it in our blog post

Come and join us in person at upcoming industry trade shows and conferences

Parisian Hospital boosts health data security and simplifies logistics thanks to inWebo SaaS MFA

TrustBuilder supports GHT Sud Val d’Oise – Nord Hauts de Seine, a Regional Hospital Group in the Parisian suburb, in the implementation of a safer, simpler and more productive digital environment. Discover how inWebo’s multifactor authentication SaaS MFA solution addresses the regulatory challenges of today’s healthcare industry while providing a more secure access to the information system and an easier login experience.

Sud Val d'Oise - Nord Hauts de Seine Regional Hospital Group

ght-s95n92

A collective strategy which helps users along their healthcare journey

The Hospital Group includes various establishments in the Paris area: care facilities, hospital complex and healthcare and advice clinics.

Gathered around a common strategy to serve all patients, the region’s public hospitals are committed to providing a secure, equal and coordinated healthcare and medical social response for everyone. They also aim to simplify the healthcare process and offer high-performance services that combine quality, consistency and innovation.

The information systems department: a key player in the digital transformation and the security issues related to access to health data

Antoine Guillot, Head of Information System Security and Data Protection Officer (DPO) of the Sud Val d’Oise – Nord Hauts de Seine Hospital Group shares his experience with inWebo multifactor authentication solution.

Antoine-Guillot

Antoine Guillot

CISO and DPO, GHT Sud Val d’Oise – Nord Hauts de Seine

"We had a double challenge: secure remote access and meet the regulatory constraints that require multifactor authentication to access patients' medical records, either via a Healthcare Professional Card (CPS card in France) or an equivalent system."

Project: Secure highly sensitive health data

The challenges in a nutshell...

Providing a level of security equivalent to the CPS card system

Now that the GDPR is applied, personal health data has officially the status of highly sensitive data, meaning access to it is being strictly regulated and ultra-secure. Thus, the protection of the health information system was one of the main triggers behind the project. “In order to access health data remotely in a more secure and reliable way, regulations require professionals to authenticate themselves, either via the CPS card (Health Professional Card) or an equivalent system, i.e. a multifactor authentication solution”. – Antoine Guillot.

Simplify remote access for the medical staff without the material constraints of the CPS card system

There are significant material constraints when having to authenticate using a CPS card. In order to access patients’ medical records remotely, and in the case of authentication via a CPS card, the professional will need to have a card reader with him/her. Hence, when on the move and wanting to connect to the IS from outside the establishment, the medical staff will have to transport both the CSP card and the card reader. Moreover, as Antoine Guillot points out, “equipment requires maintenance.” The Hospital Group therefore wanted to overcome these inconveniences and simplify the login process.

"With TrustBuilder, we can optimize productivity and expand HAH (Hospitalization at Home) in an agile way."

Carry out the “Hospitalization at Home” project (HAH - French acronym HAD)

“The French National Authority for Health – Haute Autorité de santé (HAS) – expected and required the group to carry out the project we call “Hospitalization at Home” (HAH – French acronym HAD), explains Antoine Guillot. This project involves hospitalization for patients who require continuous and coordinated medical and paramedical care, provided from their home, which presents numerous advantages for them. Cybersecurity is here a crucial issue that should not compromise the efficiency of the medical staff on site.

Solution

"TrustBuilder.io MFA is extremely flexible [...] it integrates easily into the information system and can be deployed on all applications (VPN, Office 365, RDS, etc.)"

TrustBuilder.io MFA - a level of security equivalent to the healthcare card system (CPS) and an asset in the digital projects of Sud Val d'Oise - Nord Hauts de Seine Hospital Group

After an analysis of their needs, it appeared that multi-factor authentication would meet the Hospital challenges and TrustBuilder.io MFA ticked all the boxes. “We got to know inWebo through Sesan (French Digital Health Service), which is commissioned by the Ile-de-France Regional Health Agency to provide digital support to all organizations in the healthcare industry” reveals Antoine Guillot.

“We needed a software solution” underlines Antoine Guillot, “we were also looking to ease the connexion experience and avoid the material constraints of the CPS card system when having to connect from outside our establishments”. inWebo’s multifactor authentication secures the digital environment without any equipment constraints thanks to its SaaS mode and its multiple tokens including the Deviceless MFA, a unique feature on the market.

“inWebo MFA is extremely flexible” adds Antoine Guillot, “it integrates easily into the information system and can be deployed on all applications (VPN, Office 365, RDS, etc.)”. Indeed, as they were looking to cover several establishments, it was necessary for the IT department to select a universal solution that could be implemented in different contexts and on hundreds of applications. This also to provide users with a seamless and uniform login experience.

SaaS MFA Solution

TrustBuilders approach to cybersecurity sees benefits rather than burdens. TrustBuilder.io MFA is a cloud solution that allows users to connect safely and simply, even on remote, without the constraints of a hardware token.

Integrates easily into the IS

TrustBuilder.io multifactor authentication integrates easily and rapidly into any IT architecture. The solution adapts to existing technical constraints, without imposing new ones, and inWebo's team assists its customers along their projects.

Can be deployed on all applications

Due to the multitude of VPN applications and solutions, there are many entry points to the IS. The flexibility and ease of deployment of TrustBuilder.io MFA is an asset in setting up a secure and easy-to-use environment.

"We had some concerns regarding the users, but their feedback was very positive. They can connect to the IS in a simple and fluid way.”

Results: health data security and simple logistics

inWebo MFA’s implementation was a success. In fact, the teams in charge were pleasantly surprised at how easy it was to integrate the solution.

Currently deployed on 100 people, the group will expand the scope of the solution to 1000 people by the first semester of 2021. “We have assisted end-users not only by presenting the solution and how it works, but also by guiding them in their initial enrollment” said Antoine Guillot.

With TrustBuilder, users can connect more easily and more rapidly to the medical file of a patient when working in a HAH situation. In addition, other medical professionals, such as radiologists who are on call at home, can connect securely and in a fluid way to their corporate tools/ services.

Going forward

Looking ahead to the large-scale deployment, the group undertook the project to have a single portal developed to manage the enrollment process for their users according to business specificities. inWebo’s teams made sure to meet this demand and the creation of this portal was a success. The group can now work on the second phase of the deployment.
 

"We have conceived a unique portal for enrollment and tool management. We are now looking to deploy TrustBuilder.io MFA on a large scale.”

Protect identities and data access with inWebo MFA

Contact us for a demo or to start your free trial.