Healthcare
Healthcare organizations typically employ many permanent employees, as well as fixed-term and temporary ones, all of whom need access to the organization’s data systems. There is high turnover and many student interns every year. When they are employed for short, often overlapping periods, these people need access to various buildings and data systems simultaneously.
Here, only automatic role-based and service period based identity data management and modern access management tools allow staff to focus on patient care instead of IT and provide the correct access rights from day one.

CASE: identity and access management (IAM) for all employee groups through identity data
A Finnish public healthcare client of ours has 10,000 users of its own, as well as over 1,000 external personnel and over 1,500 annual interns.
Its HR system is outsourced and it was not possible to add identity data needed for organization-wide IAM, such as about organization, supervisor and substitute, to it. Managing external workers’ identities and planning internships created a high volume of manual work in the organization.
CSIT IdentityMaster
CSIT IdentityMaster now gathers all the client’s identity data in one place from various data sources and enriched with the necessary additional data. This is used to offer harmonious, role-based and service period based identity data for IAM which is and will remain up to date.
CSIT ExternalMaster
CSIT ExternalMaster combines the necessary data on external identities and their organizations as part of the identity management solution. This removes the need for manual work.
CSIT StudentMaster
CSIT StudentMaster is used to ease the vast annual workload related to interns. Educational institutes have also been given their own portal which allows them to do things like enter information about requests for internships. With the help of this solution, student coordinators create an internship placement, and the appropriate identity data are automatically exported as part of IAM.
CASE: Rationalizing software licensing costs
A Finnish public healthcare client of hours employs around 4,000 healthcare professionals, and its IT services are outsourced.
Over time, the client’s software licence expenses had increased faster than the number of staff. This was mostly because former employees’ credentials were still active. This created both additional costs and data security challenges.
CSIT DataMaster
The organization’s identity data are now managed by this solution, which includes all user groups’ (permanent, external, interns) identity data, and which have been enriched with data on their organization, supervisors, substitutes, service periods and so on.
This solution has been used to implement identity management based on roles and service periods and automatically provides credentials to the desired systems. When employment or an internship ends, the system automatically deletes the associated user access rights, meaning they do not linger in the system. This succeeded in reducing software licensing expenses by up to 30%.
CASE: 30 minutes’ extra for working with patients on every shift
A Finnish public healthcare client of ours employs around 7,000 healthcare professionals. It is deploying desktop virtualization and uses over 2,000 mobile devices. More and more mobile devices are being used all the time.
The care staff use many different apps which require separate sign-ons. All the sign-ons previously occurred with usernames and passwords, which took the care personnel’s time and attention away from patients.
The organization is using more and more mobile devices, which the IT staff spend a lot of time installing and administering. Before, a large number of the devices were user-specific and large numbers of them were needed. Some devices were shared, but this was not considered desirable for data security reasons.
SSO Solution
We installed an integrated smart card and SSO solution for desktop virtualization that also works on all mobile devices. In this solution, staff sign on using a Valvira healthcare ID card and, depending on the strength of authentication, use its chip or RFID function.
In this solution, work costs are designed to support the needs of care staff. The time saving achieved, 15–30 minutes per shift depending on the role, goes to work with patients. That means that healthcare professionals can focus on patient work instead of IT. Their satisfaction with work has also increased noticeably.
This was also an opportunity to make all the organization’s mobile devices shared in a data secure fashion, allowing it to reduce the ratio of devices to employee. This does not affect user experience, as changing users on a device takes a couple of seconds. Data security has also been noticeably improved at the same time.