Hospital SSO and access management: what changes for IAM teams?

TL;DR: A peer-reviewed study across 55 hospitals in the UK and Ireland found that single sign-on and access management cut desktop login time by 60%, sped application access by more than 50%, and redirected 3.3 million clinician hours to patient care, according to Imprivata. The core lesson is that healthcare IAM succeeds when it reduces friction without weakening auditability or session control.

NHIMG editorial — based on content published by Imprivata: clinician time savings and financial value of workstation single sign-on and access management in the United Kingdom and Ireland

By the numbers:

• A study across 55 hospitals in the UK and Ireland found that single sign-on and access management redirected 3.3 million clinician hours annually from logging in to patient care.
• The same study found a 60% reduction in desktop login time after deployment.

Questions worth separating out

Q: How should hospitals reduce login friction without weakening access control?

A: Hospitals should use single sign-on, strong multifactor authentication, and session controls together so clinicians authenticate less often without losing auditability.

Q: Why do shared clinical workstations create identity governance risk?

A: Shared clinical workstations make session integrity a governance issue because the device is reused by multiple people in fast-moving care settings.

Q: How can security teams tell whether access controls are actually helping clinicians?

A: Security teams should measure authentication time, access interruptions, and workaround behaviour alongside privacy and audit outcomes.

Practitioner guidance

• Measure login friction alongside care impact Track desktop login time, application access time, and workaround frequency before and after any SSO deployment.
• Design for shared-workstation session integrity Require automatic locking, reauthentication, and explicit user switching on multi-user desktops and kiosks so the identity trail remains clear when devices are reused by different clinicians.
• Tie authentication controls to the clinical workflow Map where repeated logins interrupt medication ordering, chart review, and handover tasks, then align the access pattern to those workflows instead of forcing a single office-style login model.

What's in the full article

Imprivata's full article covers the operational detail this post intentionally leaves for the source:

• The study design across 55 hospitals, including which wards and device types were measured.
• The time-and-motion methodology used to capture login duration, user-switching events, and access workarounds.
• The economic model behind the 307 additional eligible hospitals and the £1.1 billion annual productivity estimate.
• The direct quotations and journal context from the AHISP paper and associated research collaboration.

👉 Read Imprivata's research on clinician time savings from hospital SSO and access management →

Hospital SSO and access management: what changes for IAM teams?

Explore further

View Full Forum →  |  NHI Foundation Course →