The Need for Speed: How Healthcare CIOs Can Accelerate M&A with Cloud IAM

The healthcare M&A market is on fire! While M&A events can be very beneficial, successfully integrating two (or more) organizations is often operationally and technically challenging. In this whitepaper, we will examine some of the biggest hurdles IT faces in an M&A event and share how cloud identity solves these challenges.



“Merger mania” continued in the healthcare M&A market in 2016. According to PriceWaterhouse’s US Health Services Deals report, there were 939 healthcare M&A transactions in the US in 2016 for a total deal value of nearly $72 billion. High deal volume is being driven by several factors, including healthcare reform (the Affordable Care Act, MACRA and the move to a value based care system, etc.) and financial incentives for vertical integration and consolidation in the industry.

IT plays a crucial role in successfully integrating organizations. M&A events often bring together new systems, new applications, new end users, a new user store, or all of the above. These integrations can be complex both technically and operationally. And timing is everything. It’s critical to quickly reach the point at which efficiencies can be realized. Organizations need to be agile and cost effective; they can’t be burdened with IT redundancies from an M&A event (which is often the reason for an acquisition to begin with).

Yet, IT issues are often responsible for slowing down M&A events. Typically in a merger or acquisition, both parties will already have an existing identity and access management (IAM) solution in place. This solution may be completely on-prem, in the cloud, or a hybrid environment. The two organizations likely have different security functions, policies, and user access levels. They likely use some different critical applications (email, HR, expense management, etc.), and store their users in one or several Active Directory domains. CIOs are challenged with harmonizing these solutions with the fewest interruptions possible to clinicians and staff.

One of the biggest hurdles for a CIO in an M&A event is managing multiple domains. It’s critical for a CIO to have a centralized place to manage all users, groups and devices regardless of where they’re actually stored. Organizations can spend an enormous amount of time consolidating domains in a merger or acquisition when they don’t necessarily need to. Scalability of systems can also be problematic. In many cases, a parent company’s existing infrastructure can’t scale to handle the new infrastructure of the acquired organization, and can trigger frustrating domain consolidation and infrastructure projects.

On top of all this, CIOs must ensure staff and clinicians remain productive during, and after, an M&A event. This can be a huge juggling act. On one hand, users need immediate access to critical parent company applications, like email. At the same time, CIOs don’t want to cut off access to former applications until they are successfully transitioned. Also, in many cases, the acquired organization will have applications that a parent company is interested in adopting. A parent company needs the flexibility to take on these new apps and successfully transition their clinicians and staff to them.

Cloud identity is the foundation that organizations need to successfully complete M&A events. It’s scalable. With a cloud identity solution, organizations can easily (and immediately) take on new clinicians and staff, new apps and new systems. Cloud identity is also agile. A cloud identity solution quickly and easily connects to an acquired organization’s directory (or directories) for a unified view of their new environment. This enables a parent organization to grant user access to key apps very quickly. And, it’s flexible. Cloud identity doesn’t require all users to use the same apps, devices or MFA factor. It allows IT to apply certain policies to certain groups.

Okta was built to make acquisitive organizations successful. Okta is the foundation for secure connections between people and technology. Its 100% cloud-based platform gives organizations the flexibility to choose which tools they want to use and how to use them.


WPR healthcare cios domains


Okta solves the pain of directory consolidation. Okta can be quickly connected to the AD domain of an acquired organization without any network configuration. This enables IT to give clinicians and staff access to parent company applications, and vice versa. With Okta, CIOs have a choice of whether or not to consolidate domains. In many cases, the best scenario is to leave existing infrastructure in place and layer a cloud identity solution over it to unify organizations. Okta’s Universal Directory (UD) provides a centralized repository for user identity information. A parent organization can store profile information, manage passwords, and apply access policies via Okta’s Universal Directory. With UD, Okta can master users from an unlimited number of AD or LDAP directories. Okta saves customers an average of 400 project hours by eliminating the need for domain consolidation. And for companies that still prefer to consolidate domains, Okta speeds that process up, saving the average customer 120 hours.

Companies in an M&A event will very likely have synergies, but no two organizations are exactly alike. Okta enables heterogeneous environments to seamlessly co-exist. For example, an acquired organization may not use the same multi-factor authentication solution as its new parent company. Okta offers a variety of factors (Okta Verify with Push, Voice and SMS), but also supports easy integration to third-party factors. With Okta, clinicians and staff don’t have to use the same factor right away (or ever). They have the flexibility of factor choice. Okta’s heterogeneous environment eases the transition for end users, and also reduces some of the complexity of integrating two organizations.

Getting clinicians and staff up to speed in a merger or acquisition is critical to its success. With Okta Single Sign-On, users can access all their applications with one username, one password, and one session. The Okta dashboard is a quick and easy way for users to identify which apps to access and when. This may initially be the parent organization’s email and HR system, but their existing expense management system. Several weeks later, expense management may also be the parent organization’s.

Allergan is one Okta customer that has certainly benefited from this technology. Acquisitions are a huge part of Allergan’s growth strategy. In one year alone, the company did 13 acquisitions.

Okta’s multi-tenant architecture makes it extremely scalable and reliable. Because all components (other than the databases) are stateless, any server in the stack can handle any inbound request. If any individual component malfunctions, a request will simply be redirected. Furthermore, any components of Okta’s system can be scaled up simply by spinning up new virtual machines in AWS.

Mergers and acquisitions can add tremendous value to healthcare organizations today. But in order for this value to be realized, integration must be successful—and fast. Cloud identity promises to help organizations merge more quickly, while setting up a modern foundation for future technological innovation.


WPR securing cloud access identity cloud