Healthcare identity and digital transformation: can security stay usable?

TL;DR: Healthcare digital transformation is nearly doubling IT budget allocation from 4.8% to 9.7% year over year, while clinicians still need fast access and stronger controls, according to Imprivata. Identity is now the operating constraint that determines whether security, compliance, and workflow efficiency can coexist in care delivery.

NHIMG editorial — based on content published by Imprivata: Tech Leader Highlights the Role of Identity in Securing Digital Transformation in Healthcare

Questions worth separating out

Q: How should healthcare organisations simplify secure access without weakening control?

A: They should reduce the number of steps required to authenticate at the point of care, then apply stronger assurance behind the scenes through passwordless access, frictionless MFA, and contextual policy.

Q: Why does shared-device access create special identity risks in healthcare?

A: Shared devices make traditional login and session handling harder because multiple users must move quickly between tasks and endpoints.

Q: How should teams govern third-party access in digital healthcare environments?

A: They should treat third-party identities like a governed lifecycle, not a temporary exception.

Practitioner guidance

• Redesign authentication around bedside workflow Map clinician tasks to the minimum viable number of access steps, then test whether passwordless authentication or frictionless MFA can reduce delays on shared workstations and mobile devices.
• Separate clinical access paths from office-user patterns Do not reuse standard enterprise login patterns for shared clinical endpoints if they create repeated prompts, session churn, or device handoff friction.
• Treat third-party access as a lifecycle control Define explicit onboarding, review, and offboarding steps for vendor identities, and verify that external access expires when the business need ends.

What's in the full article

Imprivata's full article covers the operational detail this post intentionally leaves for the source:

• Practitioner-oriented examples of passwordless authentication and frictionless MFA for healthcare workflows
• Specific ways shared mobile programmes can support clinicians without adding access overhead
• How third-party access can reduce vendor risk and IT workload in day-to-day operations
• User behaviour and access analytics examples that help identify risks in clinical environments

👉 Read Imprivata's analysis of identity in healthcare digital transformation →

Healthcare identity and digital transformation: can security stay usable?

Explore further

View Full Forum →  |  NHI Foundation Course →