IT healthcare provider moves operation to the cloud to secure patient trust
healthcare professionals served
user pilot deployment
user pilot deployment
See More from NEL :London Forum 2019
- An evolving approach to IT in healthcare
- Stitching together a fractured infrastructure
- The right identity partner
- Streamlined customer experience
NEL specialises in providing IT support services to healthcare providers, including general practitioners, clinical commissioning groups, hospitals and community trusts. NEL was originally considered an in-house service department within England’s National Health Service (NHS), but over the years, their role has evolved. Now, NEL is more of a traditional IT provider serving and billing healthcare practitioners directly, instead of through NHS.
NEL needed to modernise its outdated legacy infrastructure, systems and service methods to effectively cater to new external customers. With separate infrastructure and access points for different regions and systems, there was a significant amount of friction for users. The organisation needed a way to consolidate its IT infrastructure to increase the efficiency of healthcare providers and the security of patient data. NEL also needed to reduce the number of calls coming into its service desk.
After exploring a number of options, including Microsoft’s Azure, NEL chose Okta for its cloud-agnostic approach and consistent updates. The company purchased a series of Okta’s Workforce Identity products, including Universal Directory, Single Sign-On, Adaptive Multi-Factor Authentication and Lifecycle Management. Together, these products provide a unified identity layer that consolidates the company’s complex infrastructure.
With NEL’s systems and operations optimised, the organisation now provides healthcare support services with greater efficiency and confidence. Healthcare practitioners enjoy a more efficient workday, patients benefit from increased security and improved care, and NEL’s service desk spends less time setting up users and correcting human error. Overall, NEL’s partnership with Okta is a huge success.
Providing secure, efficient patient care with Okta
Not long ago, NEL evolved from an in-house government IT department to a B2B provider serving healthcare customers. This organisational shift had the potential to foster a more efficient, secure relationship between NEL and its customers--but only if the organisation modernised its sprawling on-premises infrastructure. NEL’s legacy environment was comprised of several loosely connected systems with multiple access points, which made it difficult for customers to access critical tools, and broadened NEL’s attack surface. This vulnerability was a significant concern for NEL, since it regularly deals with patient data. The organisation acted proactively, partnering with Okta to consolidate its infrastructure, improve its security posture, delight customers, and reduce overhead.
“We have all these different legacy organisations, all with different legacy systems. Okta allows us to bring them all together under one umbrella, with a level of speed and efficiency that wouldn’t have been possible without that technology. It would've taken us five years using a traditional method.”
Neil Goodman, Head of Transformation and Strategy at NEL
- Increased security posture with authentication layer and improved visibility
- Reduced workload for IT with automated provisioning, automatic updates, and reduced helpdesk tickets
- Streamlined user experience with access to all apps through a single dashboard
- Cost savings with reduced IT maintenance
- Increased productivity for healthcare workers leading to improved patient care
Quality IT support for healthcare practitioners
NEL has experienced a lot of change over the past couple of years. Originally positioned as an in-house IT department within England’s National Health Service (NHS), NEL now delivers commissioning support services directly to 60,000 users, including general practitioners, clinical commissioning groups, community trusts, acute hospitals and more.
“Previously, there was a standardised, rigid approach to providing services,” says Richard Brady, NEL’s deputy director ICT technical services - strategy. “We’re transforming into an organisation that really understands its customers’ requirements and systems. When those systems are optimised to increase efficiency, the patient experience will improve.”
Naturally, this shift came with a whirlwind of IT management challenges. Years ago, the work done by NEL was shared by a number of individual organisations. Over time, those organisations merged and their individual on-premise infrastructures were fused together—but not optimised.
“Our customers in Kent might have a different access and authentication work stream than users who access services from Northampton,” says Brady. “We needed to bring them together with a larger service wraparound.”
Fractured systems, frazzled users
These disparate systems created sign-on issues for users, especially general practitioners, who need to access a number of different healthcare platforms and applications every day. Each tool required a different set of credentials, which made for a frustrating, time-consuming experience.
There were security challenges as well. Users would often jot down credentials on random pieces of paper, in notebooks, and in emails, which made them easy to lose or steal. If those credentials did fall into the wrong hands, it was also possible NEL wouldn’t have noticed the rogue access request. Healthcare workers often access systems outside of traditional business hours, which made it challenging for IT admins to monitor activity.
A heavy provisioning workload added to NEL’s IT headaches. Not only did the manual provisioning process prevent IT from working on more specialised tasks, it also created unnecessary security gaps and led to additional service calls. “Currently, 10 to 12% of all service desk calls are related to creating new user identities,” says Neil Goodman, NEL’s head of transformation and strategy.
Ultimately, NEL’s customers needed a modern, convenient and secure IT experience that would increase efficiency and improve patient care, so the company embarked on a massive transformation program that included more than 50 different projects. NEL looked at identity management early on, since it wanted a solid solution that could protect its infrastructure and maintain usability throughout the initiative.
Finding a long-term identity partner
First, NEL needed to figure out how to move the bulk of its infrastructure to the cloud, while maintaining a few of its more important on-premise components. “We need to transform into an organisation that’s a lot more service-focused and takes advantage of cloud technologies, but also builds security around what we have on our on-premises site,” says Brady. “We know that cloud services aren’t going to be right for some of our users or in some healthcare settings. We need to take a hybrid approach to our transformation.”
NEL compiled a wish list and went to market. “We did a lot of analysis to work out what technologies and partners could deliver on our requirements in a meaningful way at a good price point,” says Goodman. “Okta ticked all the right boxes, and was able to deliver the best level of service.”
The organisation was impressed by Okta’s comprehensive list of services, rapid development, and regular release cycles, but it was Okta’s cloud-agnostic platform that set it apart. “We could still use technology belonging to the other providers, but Okta could bring them together,” says Goodman. “We looked at Okta’s growth, as well. We wanted a long-term partner, and Okta can easily deliver on that.”
Okta’s ability to consolidate a hybrid infrastructure was another key selling point. “All these different healthcare organisations have different legacy systems, but we can increase efficiency and automation by bringing them all together under one umbrella,” says Goodman. “Okta will help us do that with a level of speed and efficiency we couldn’t accomplish otherwise. If we used a traditional method, this project would take us five years.”
Building a streamlined infrastructure
NEL purchased a range of Okta Workforce Identity products, including Universal Directory, Single Sign-On (SSO), Adaptive Multi-Factor Authentication (MFA), and Lifecycle Management. Then the company began pulling its disparate systems together, sorting users into groups based on attributes, roles and profiles.
Once NEL migrated all users into Universal Directory, the organisation was able to easily monitor all activity and devices through a single dashboard. The unified system also made the security data of customers readily available—and enabled NEL to work on its complex modernisation initiative behind the scenes, while maintaining a streamlined, secure user experience on the surface.
“That's where Okta really comes in for us,” says Brady. “It gives us the option to add a top layer to all of the transformation work going on in the background. It hides all of the different systems, all the different access points, and gives us one consistent point of entry across all of our topology.”
Simple and secure
NEL further streamlined the customer experience by rolling out Okta’s Single Sign-On (SSO). Now, users can access everything they need to do their jobs with just one set of credentials.
This eliminates the need to remember a plethora of usernames and passwords, and provides a quick and seamless login process that allows users to direct their attention towards providing high quality healthcare services. Security is enhanced as well, because users no longer need to write down their passwords, or leave their sessions open unnecessarily to avoid logging in again.
SSO has also reduced helpdesk tickets related to system accessibility. “Single Sign-On enables people to reset and manage their own passwords,” says Brady. “That also reduces the amount of calls that come through to our service desk. Okta has been a really good pathway for us to be able to implement and make those changes.”
NEL’s new authentication process successfully balances security and usability. Adaptive Multi-Factor Authentication adds a layer of granular security across the entire infrastructure, and includes an array of step-up authentication factors. The organisation finds MFA’s geolocation tracking features particularly useful, as many customers visit multiple healthcare sites on a regular basis. Now, NEL’s IT team can view activity in real-time through Okta’s pre-built application access reports and SIEM integrations.
Increased productivity for all
Once NEL fully consolidated its infrastructure, it was able to automate provisioning using Lifecycle Management, which detects changes to user roles and employment status, and adapts user permissions accordingly. This further reduced the IT team’s workload and increases security by shutting down access to apps that users no longer require.
Of course, automatic provisioning also ensures that users have access to the apps they need on Day One—which means they can spend more time helping patients. “I anticipate that our relationship with Okta will help our users work much more efficiently,” says Goodman. “It'll make their lives easier. They'll be more secure. They'll be able to get on and do the jobs that they need to do, rather than waiting on the technology.”
With new solutions in place, NEL is in a better position to grow and scale its organisation. The establishment is future proofing its services by transitioning to a more digital, cloud-focused and automated environment. This transition allows the healthcare support group to use new, cutting-edge applications, integrated with Okta’s products and services.
As a result, NEL now has the capabilities to adapt to the always-changing needs of its customers—and Okta will be there every step of the way.
NEL provides expert support and advice to help NHS and other organisations to deliver improved health services to local populations. The establishment’s purpose is to support providers to make a tangible and positive difference in the local communities they serve.