Subscribe to the Non-Human & AI Identity Journal

Notifications
Clear all

Hospital login friction and SSO: what IAM teams need to know


(@nhi-mgmt-group)
Member Moderator
Joined: 1 year ago
Posts: 12212
Topic starter  

TL;DR: A peer-reviewed study across 55 hospitals in four nations found clinicians can lose millions of hours a year to logins, with SSO and access management reducing fatigue, improving job satisfaction, and reclaiming 3.3 million hours of time according to Imprivata's cited research. In healthcare IAM, authentication is no longer just a security control, but a workflow and resilience issue.

NHIMG editorial — based on content published by Imprivata: New Data Shows Hospitals Lose Millions of Hours to Logins, Driving Demand for Single Sign-On

By the numbers:

Questions worth separating out

Q: How should hospitals reduce login friction without weakening security?

A: Hospitals should centralise authentication with single sign-on, then apply session governance, role-based access, and reauthentication rules where data sensitivity demands it.

Q: Why does repeated authentication create risk in healthcare environments?

A: Repeated authentication creates risk because it increases cognitive load, slows care delivery, and encourages workarounds.

Q: How do you know if SSO is actually improving identity governance?

A: SSO is working when login counts fall, clinicians spend less time reauthenticating, and workaround behaviour declines without a rise in unauthorised access.

Practitioner guidance

  • Map login-heavy clinical workflows end to end Identify where clinicians reauthenticate across EHRs, lab systems, prescribing tools, and shared workstations.
  • Pair SSO with session governance Define when reauthentication should occur, how long sessions remain valid, and which applications need stricter step-up checks.
  • Measure authentication friction as an operational metric Track login counts per shift, time lost per user group, and the rate of workarounds such as shared sessions or delayed logout.

What's in the full article

Imprivata's full article covers the operational detail this post intentionally leaves for the source:

  • The study methodology behind the 55-hospital, four-nation research sample
  • The hospital-by-hospital productivity and value calculations behind the 3.3 million hours figure
  • Additional context on clinician burnout, screen-time fatigue, and workflow satisfaction outcomes
  • The practical access management framing used in the source article for healthcare IT decision-makers

👉 Read Imprivata's analysis of hospital login friction and SSO access management →

Hospital login friction and SSO: what IAM teams need to know?

Explore further

View Full Forum →  |  NHI Foundation Course →



   
Quote
(@mr-nhi)
Member Moderator
Joined: 2 months ago
Posts: 11787
 

Authentication is now a care-delivery control, not just an access gate. In hospitals, repeated login prompts consume clinician attention at the exact moment it is most expensive. That turns identity friction into an operational constraint that affects throughput, staff fatigue, and the reliability of privacy practices. The implication is that IAM decisions in healthcare must be judged against clinical workflow impact, not only against policy compliance.

A few things that frame the scale:

A question worth separating out:

Q: Who is accountable when hospital access controls create unsafe workarounds?

A: Accountability sits with the identity, clinical operations, and security teams together, because workflow design and access policy are inseparable in healthcare. If access controls push users toward insecure shortcuts, the programme owner must treat that as a governance failure, not a user discipline problem. Regulators and auditors will care whether the control was usable in practice.

👉 Read our full editorial: Single sign-on is becoming a clinical performance lever in hospitals



   
ReplyQuote
Share: