Notifications
Clear all
Topic starter
25/06/2026 2:45 pm
TL;DR: Healthcare digital transformation fails when clinicians are excluded from procurement, design, testing, and deployment decisions, because tools that ignore frontline workflows create friction, slow adoption, and pull time away from patient care, according to Imprivata and Healthcare IT News. Usability is not a soft issue here, because in clinical environments it determines whether identity and access controls are actually used at the bedside.
NHIMG editorial — based on content published by Imprivata: Digital Health Must Start with Clinician Input, According to Imprivata Nursing Expert
Questions worth separating out
Q: How should hospitals design identity controls for clinicians without creating workflow friction?
A: Hospitals should design identity controls around care delivery, not around abstract user journeys.
Q: Why do access controls often fail in clinical environments?
A: Access controls often fail in clinical environments because they assume uninterrupted desk-based work, while bedside care is mobile, interrupted, and time critical.
Q: What should security teams measure to know whether clinician-facing access controls are working?
A: Security teams should measure task completion time, repeated authentication prompts, and workaround behaviour during real clinical workflows.
Practitioner guidance
- Embed clinicians in procurement decisions Require frontline clinician review before selecting identity or access tools.
- Test access flows against real clinical movement Run usability testing on passwordless authentication and mobile access management across wards, devices, and care locations.
- Treat adoption friction as a security signal Track where staff slow down, re-authenticate repeatedly, or bypass controls.
What's in the full article
Imprivata's full article covers the operational detail this post intentionally leaves for the source:
- Daniel Johnston’s first-hand clinician perspective on why procurement timing shapes adoption outcomes.
- The Victorian Heart Hospital example showing how clinician-informed mobile workflows affected staff time savings.
- The article’s discussion of passwordless authentication and biometric patient identification in frontline care settings.
- The practical change-management angle around embedding clinicians into discovery, testing, and deployment.
👉 Read Imprivata's analysis of clinician input in digital health deployment →
Clinician input in digital health projects: what IAM teams miss?
Explore further
25/06/2026 3:52 pm
Clinician input is a control requirement, not a courtesy. The article makes a practical governance point that many health IT programmes still miss: access design that ignores frontline users creates predictable failure at adoption time. In identity terms, the control is only real if clinicians can complete care tasks with it in place. The implication is that healthcare IAM programmes should treat clinical usability as part of control effectiveness, not as a downstream training concern.
A few things that frame the scale:
- 43% of security professionals are concerned about AI systems learning and reproducing sensitive information patterns from codebases, according to LLMjacking: How Attackers Hijack AI Using Compromised NHIs.
- Only 44% of developers are reported to follow security best practices for secrets management, according to The State of Secrets in AppSec.
A question worth separating out:
Q: Who should own digital health access design across security and clinical teams?
A: Ownership should be shared between identity, clinical informatics, and operational leadership. Security can define assurance requirements, but clinicians define whether those requirements can be used safely at the bedside. The governance model fails when any one group controls the design without the others.
👉 Read our full editorial: Clinician input is the missing control in digital health deployment
