athenahealth protects patient data and enhances user experience with Okta
and growing patient accounts
patient portals protected by Okta
*Based on estimated athenaOne and athenaFlex data as of Q1 2020
- Mission critical healthcare technology
- Removing obstacles to patient care
- Partnering with an expert in identity
- Strengthening security and improving user experience
- Transforming the healthcare system
athenahealth strives to create a thriving healthcare ecosystem that delivers accessible, high-quality, sustainable healthcare for all. Critical to realising that vision is enabling over 160,000 providers across all athena products to easily and securely interact with multiple technology solutions, other practitioners, and ancillary services on different networks. Data needs to be accessible, but also heavily protected to ensure that only properly authorised individuals can access it.
As athenahealth expanded in both patients and practitioners served, it began to outgrow its increasingly complex legacy infrastructure. Patients had multiple account credentials; each practice had to register patients and store their data separately. The time was right for athenahealth to adopt a cohesive identity and access management (IAM) solution to reduce friction and improve user experience—and patient outcomes—without compromising on security.
athenahealth sought out an IAM partner to help provide better experiences for its customers while eliminating complicated workflows, and to increase access to information while maintaining robust security. The organisation decided to implement the Okta Identity Cloud, an identity platform that would put the right data into the right hands, safely. By integrating with the varied applications patients and practitioners use to interact with athenahealth, Okta would deliver a seamless and secure digital experience for all users.
athenahealth deployed Okta to migrate 24 million patients from an existing registration system to a service called ‘login with athena.’ This gave patients a single portal to access their medical information through the various services and apps that were once separate entities. The company created frictionless registration experiences for the over 8,000 patient portals on its network. athenahealth also deployed Okta's new DynamicScale technology to scale its login experience to tens of millions of users.
athenahealth now has a unified constellation of patient portals that makes web and mobile access secure, compliant, and frictionless. The Okta platform enables athenahealth to streamline and secure data sharing and management, which are crucial for effective and holistic healthcare delivery. In collaboration with Okta, athenahealth is working toward a future where patients can move confidently through the healthcare system as people, rather than as separate records at every juncture.
We think about identity as a key tool to opening the healthcare ecosystem, so having the integrations that Okta provides is crucial.
Lana Cohen, Director of Product Management at athenahealth
- Seamless digital experience for all users
- Secure, frictionless mobile experience for customers
- Data security in compliance with regulatory requirements
- Streamlined, secure migration to new registration service
- Disparate IT systems consolidated into an integrated system
A holistic approach to smarter healthcare for all
athenahealth uses technology to break down barriers in the healthcare system and help healthcare providers nationwide deliver smarter experiences. Through its clinical record, patient engagement, and revenue cycle management services, athenahealth is creating a thriving ecosystem that delivers accessible, high-quality, and sustainable healthcare for all.
The ability to manage patient care across the entire healthcare system has become increasingly important within the sector. To meet this demand, athenahealth has to be nimble, and able to facilitate providers’ interactions with multiple technology solutions.
“We support 160,000 healthcare providers on 153 million patient records and see 40% of the U.S. population on athenahealth products,” says Lana Cohen, director of product management at athenahealth.
athenahealth needed an identity and access management (IAM) solution to maintain the organisation’s security posture while delivering a seamless digital experience for users.
“We need to be able to understand who our users are and who has access to what information,” Cohen says. “We’re providing access to extremely sensitive, highly regulated data that impacts people’s lives. That requires the utmost security, but we also need to provide consumer-grade experiences to engage patients.”
Preventing roadblocks while keeping data secure
athenahealth had outgrown its in-house legacy infrastructure, making it difficult to deliver on its promise of uniting and opening the ecosystem. The organisation had thousands of different patient identity stores, which meant that patients couldn’t benefit from all of their providers being on the same network. For example, if a patient saw their primary care physician and was then referred to a specialist in a different practice, the patient would have to create an account, verify access to their records, and maintain a user account in both places to access all their medical information.
This was especially complicated because of the myriad ways that a patient could move through athenahealth’s network, depending on whether they were registered previously, whether their records existed at a different practice on the network, or whether they were a parent or other caregiver. Some patients even had multiple credentials within a single practice if that practice used multiple technology applications beyond athenahealth. As athenahealth grew, the company identified various integrations that could enable patients to engage further in their own care. When the organisation’s client base reached a critical mass, athenahealth saw the time was right to modernise and streamline its IT infrastructure.
“We wanted to create a unified experience so that patients wouldn’t have to remember lots of different credentials, but also so that practices wouldn’t have to register patients and assist in managing so many credentials,” Cohen says.
The organisation needed to remove the hurdles from the access process and improve user experience while keeping security checks in place but unobtrusive.
“We don’t have room for error in balancing usability and security. At the end of the day we are providing access to super sensitive, critical, highly regulated data that could impact someone's life,” Cohen says.
athenahealth also wanted to enable its customers to innovate on the athenahealth platform. The organisation wanted to support a range of standards-based integration options so that customers and partners could build their own applications—without adding end-user friction with registration and identity-vetting activities already done by athena.
Finding an IAM solution tailored to healthcare
athenahealth recognised it had an opportunity to enhance customer engagement and cultivate user trust. The organisation needed to centralise patient identity, improve the provider experience, and provide smarter security tools to its customers. The company began to work on these initiatives internally, then realised the value and acceleration it could gain from working with an expert vendor.
“We were subject to all of the infrastructure pain,” Cohen says. “We don't just consider identity an underlying security piece. We’re passionate about the power of identity and how important it is from a strategic perspective.”
athenahealth sought out a scalable, agile IAM solution to manage integrations and secure data. The company needed technology that met healthcare industry requirements for providers, as well as delivered a seamless experience for practitioners and patients—and the Okta Identity Cloud fit the bill. athenahealth determined that having an identity platform would be the best solution to meet its complex needs.
“All of the things the tech industry has been talking about for a long time, like supporting data openness via APIs, are becoming priorities in healthcare. Okta has given us the standard tech toolkit to accelerate our ability to meet these needs,” Cohen says.
And that, in turn, is reflected in improved patient experience—and health. “Identity management is critical to putting medical data into the right hands, so it can be used to achieve differentiated healthcare outcomes faster and with less friction than could have been done otherwise,” says Cohen.
“To me, that’s the crux of what we’ve been able to achieve: athenahealth is the unifying platform that helps solve healthcare problems around data acquisition, sharing, and management,” Cohen says.
A carefully phased implementation process
athenahealth decided to purchase Okta’s Customer Identity Products, including Authentication, Authorisation, User Management, Adaptive MFA, Lifecycle Management, and B2B Integration.
The organisation took an iterative approach to deployment by isolating the unique use cases that it wanted to support. athenahealth tested Okta through its beta process for about a year with various clients before implementing the solution throughout all of its patient portals.
“I am eternally grateful to all of our early beta customers because they taught us so much about how they were using the system and how they wanted to use it in the future,” Cohen says.
Deploying a seamless experience to empower users
athenahealth migrated millions of patients on its patient portals from an existing email registration system to a new service built on Okta called ‘login with athena’. This enabled patients to access medical information across multiple systems throughout the athenahealth network via a single athenahealth account.
“Patients want to be engaged in their healthcare, but they often don't have a lot of the tools they need to do that. Rather than requiring a faxed form authorising one clinician to share info with another clinician, we can now put the power into patients’ hands to share data using patterns established by the tech industry like OAuth + user consent,” Cohen says.
Before switching to Okta, each of athenahealth’s 8,000+ patient portals had an independent login page. athenahealth implemented Okta’s Authentication to embed secure login and single sign-on. The company created frictionless registration experiences that retained the login portals’ original branding for consistency, simply adding the ‘login with athena’ button. Now, ~4 million patients who log in to these portals monthly can easily recognise that they are on the athenahealth network.
“It was a new concept for our clients to introduce the athenahealth brand directly to their patients, but Okta enabled us to continue to showcase our clients’ branding in a dominant way. By white labeling, we didn’t need to further complicate things with a third brand,” Cohen says.
athenahealth also deployed Okta's new DynamicScale technology to scale its login experience to tens of millions of users—currently serving patients, and soon to include doctors and healthcare providers. This will allow the organisation to change the way its users log into athenaNet, the company’s main client facing application.
“We purchased DynamicScale to address the massive scale of our network,” Cohen says. “It allowed us to not worry about exceeding our network traffic limit and ramp up at scale while remaining stable.”
In addition, athenahealth implemented Okta’s new Inline Hooks feature to facilitate authorisation requirements including support for SMART on FHIR. This will enable developers to build healthcare applications off of the athenahealth platform in a standardised and secure manner. Inline Hooks also integrates with athenahealth’s security and compliance technology.
In addition, Inline Hooks extends self-service registration with external custom logic or third party services to modify and validate profiles before completing registration. It enables athenahealth to combine data from multiple sources into Okta’s centralised Universal Directory. This functionality is essential to athenahealth’s ability to provide service to various user types across its healthcare network.
“Patients can now access their health information through APIs, pull their data into an app on their phone, and actually aggregate from athenahealth and non-athenahealth practices to see a more complete view of their medical record,” Cohen says. “The technology’s flexibility enabled us to meet that need.”
A unified, secure healthcare ecosystem
athenahealth now has a centralised, modern, and stable IAM solution with Okta. Although the company currently still operates its identity stores for practitioners, it uses them alongside Okta and is no longer dependent on its legacy database.
“Okta has opened up a bunch of capabilities already,” Cohen says. “This infrastructure could have been a huge cost and challenge to develop from scratch ourselves, especially because our traditional architecture didn’t account for a global use case very well.”
athenahealth can now focus on providing an excellent user experience, rather than worrying about basic functionality such as storing tokens. Okta provides the organisation with broad technology capabilities into which athenahealth can knit its workflows.
“Okta has enabled us to focus on the complexity and nuances of our use cases, in healthcare and in providing a service to our customer segments,” Cohen says.
In addition to engaging with Okta’s Professional Services and having a Dedicated Customer Success Manager, athenahealth purchased a Mission Critical Support Engineer (MCSE). The MCSE ensures athenahealth has a single point of contact within Okta Support who is deeply ingrained in athenahealth’s goals and has a comprehensive understanding of its unique architecture. There’s no need to start from scratch for every new technical concern; the MCSE is able to provide backend support to athenahealth’s team.
“We have an incredibly awesome team in Okta,” Cohen says. “It has been a total game changer.”
Putting patients first
athenahealth plans to further leverage Okta’s security capabilities. Before switching to Okta, it would have been a challenge to implement the complex policy controls that healthcare providers requested, but the organisation no longer needs to hesitate on such investments. athenahealth plans to use Okta to support the complex and diverse security policy controls to further enhance access to its applications.
athenahealth is especially excited about the future of ‘login with athena’. With Okta as a foundation, the company envisions a healthcare system where patients can share their records with new doctors, or share a picture of their insurance card with specialists, as opposed to filling out forms with the same personal information multiple times. It’s all part of recognising and connecting the entire continuum of care.
“Identity becomes the thing that knits together these pieces of information and then also provides a layer that enables the consent of sharing,” Cohen says. “We think about identity as a key tool to opening the healthcare ecosystem for more seamless experiences across a fragmented system, so having the integrations that Okta provides is crucial.”
That aligns with one of athenahealth’s long-term strategic goals: to enable each patient to move through its network as one individual, rather than as a separate record at every juncture. Okta’s trusted IAM solution will allow the organisation to trace each verified identity back to multiple records across its network.
“The most powerful thing about the Okta and athenahealth partnership is how we’re creating the ‘identity for healthcare’—our platform has the ability to be transformative,” says Cohen. “We are able to handle integrations that bring more and more data together better than anyone.”
“That's the part I get really excited about,” Cohen continues. “We want people to feel like a person in our system rather than a record number.”
athenahealth partners with medical organisations across the country to drive clinical and financial results. Its vision is to create a thriving ecosystem that delivers accessible, high-quality, and sustainable healthcare for all, and it is pursuing this through its medical record, revenue cycle, patient engagement, and care coordination service offerings. Its expert teams build modern technology on an open, connected ecosystem, yielding insights that make a difference for its customers and their patients.