Executive Summary: HERA Digital Health partnered with the Okta Identity Lab to secure medical records and access to their tools for displaced populations. By implementing Auth0's Universal Login and WhatsApp-based authentication, HERA eliminated login friction and protected sensitive health data against bot attacks in low-connectivity environments.
How HERA provides digital healthcare for refugees
HERA Digital Health provides a mobile platform and WhatsApp chatbot to ensure refugees have uninterrupted access to healthcare, enabling families to locate and communicate with providers, track immunizations, and schedule prenatal checkups.
For refugee and displaced populations, secure digital identity and protected medical records can mean the difference between health and hardship. But behind this mission lies a complex technical challenge, and a deeply human one.
"Health systems were only designed for people who are born and die in the same place, not for people who have to move," explains Jennifer Freedman, Director of Operations at HERA.
For the nearly 117.3 million forcibly displaced people worldwide, this systemic gap can result in some of the worst health outcomes on the planet. To date, HERA has impacted nearly half a million people, facilitating over 60,000 healthcare connections in environments where traditional systems often fail.
Challenges of managing identity for displaced populations
For refugees, the digital divide isn't just about connectivity; it's about safety. As of 2025, over 70% of displaced households report that concerns over surveillance and data misappropriation prevent them from using digital health tools. This 'trust gap' means that without world-class security, life-saving apps remain unused.
HERA looked to Okta to help them build a 'firewall of trust' around refugee health records, helping ensure that identity is a tool for protection, not a risk for detection. But their original system faced hurdles that many nonprofits will recognize:
Security vs. accessibility: Protecting sensitive health data without creating barriers for users with older phones or limited tech literacy was paramount. "In a humanitarian setting, the technology infrastructure is different," says Freedman. "We need to ensure the tools we're building can work in these low-connectivity conditions and be light-weight, refugee-oriented, and secure."
Resource constraints: HERA's technical team consists of just two people: Chief Technology Officer Su Yuen Chin and a single software engineer, Hüsam Burhan. Every hour spent building custom authentication was an hour taken away from developing life-saving health features.
Multiple login friction: Before implementing Auth0, users had to juggle different credentials across HERA's mobile app, WhatsApp bot, and e-learning platform. "For most of us, that would be a hassle," notes Brad Goettemoeller, Nonprofit Solutions Architect at Okta, "but for these refugees, managing multiple passwords to get essential healthcare can be a barrier to a new life."
Bot attacks and usage spikes: Malicious bots threatened platform stability while legitimate usage surged during refugee community events, consuming precious bandwidth and limited nonprofit budgets.
Solving the barriers to nonprofit digital transformation
Nonprofits are the experts on what their communities need, and technology helps them deliver. However, the path to digital modernization is often blocked by three major hurdles:
- A lack of funding for digital transformation
- The high cost of premium technology
- Limited internal resources or specialized skillsets
Okta for Good launched the Identity Lab (formerly known as the Innovation Lab) to dismantle these barriers through a comprehensive, multi-year grant model. Participating organizations receive cash donations to create time and space for technical projects, product donations to equip teams with industry-leading tools, and dedicated services to enable success regardless of a team's size or technical expertise.
The Identity Lab helps social impact organizations build the secure, automated identity foundations they need to scale their impact safely.
How HERA implemented a secure identity foundation
By participating in Okta for Good’s Identity Lab, HERA received the three critical resources most nonprofits need for digital transformation: funding for the project, donated Auth0 technology, and hands-on technical services to bridge expertise gaps.
Auth0 provided HERA with a flexible, developer-friendly identity cloud that helped solve their challenges out of the box:
- Universal Login: A single, lightweight sign-on experience that works across their digital offerings for refugees
- Custom phone provider: Leveraging Auth0's extensibility to send one-time passwords via WhatsApp API instead of unreliable SMS
- Proactive bot defense: Built-in CAPTCHA and bot detection that shields limited resources from being spent on malicious traffic rather than people
- Scalability for mission moments: The infrastructure to handle significant spikes when HERA hosts events for refugee communities
Integrating Auth0 into a lean nonprofit tech stack
Using Auth0's extensive documentation and SDKs, Burhan quickly integrated secure authentication into HERA's tech stack, with Goettemoeller and Okta's technical services team providing guidance at critical junctures.
This collaboration provided resources to augment HERA’s small team, allowing them to bake in best practices from day one and shift their focus from the "nuts and bolts" of identity to innovation and impact.
Measuring the impact of secure identity on refugee health
Today, HERA's platform is infinitely more secure. "We have two security priorities at HERA," Freedman explains. "First is to ensure the refugees' data stays safe, and second is to provide uninterrupted healthcare as users have to move between cities and countries." Auth0 helped HERA deliver on both.
By offloading the complexity of identity to Auth0, HERA has achieved:
- Reduced friction: Refugees can move seamlessly between health services and educational content without managing multiple passwords
- Data sovereignty: Displaced families now have a safe, digital place to store their medical history, providing continuity as they cross borders
- Real access to care: A streamlined experience gives refugees better access to health care, allowing them to translate their needs to their doctors, find the nearest health center, and call emergency services.
With a secure foundation in place, HERA is looking ahead. "We want to incorporate AI-powered tools even more to help refugees access healthcare," says Freedman, "but we also want to look to use our technologies in other humanitarian settings around the world, which is why we always aim to open source our tools and share our learnings."
Security resources and discounts for nonprofits
HERA’s story demonstrates that you don't need a massive IT budget to have world-class cybersecurity and operational resilience. Whether you are a small local nonprofit or a global relief organization, Okta and Auth0 can help you protect sensitive data, meet your compliance standards, and focus on better serving your people and communities.
Beyond the Identity Lab, Okta for Good provides all eligible nonprofits with discounts on both foundational and advanced products:
- 50 free Workforce Identity licenses, plus 50% off additional licenses
- 50% off Customer Identity and Auth0 plans to secure your external users
- Free technical services for project and implementation support
- 50% off the Expert Learning Pass, and access to 200+ complimentary Okta Learning courses
- Five complimentary passes to Oktane, Okta’s annual user conference
Ready to start your identity journey? Learn more about Okta for Nonprofits.
