Identity Experts helps Doncaster and Bassetlaw Teaching Hospitals implement automated connection from ESR to Microsoft Identity Manager to improve employee productivity and IT security
Every modern organisation needs to deal with the security and IT access problems presented by a more mobile workforce and changing working practices. For a large establishment, keeping such information up-to date can be a nightmare. From coping with slow and manual processes to the lack of control and audibility, the problems faced can be complex, growing and the consequences of doing nothing, serious.
Such a situation was encountered by Doncaster and Bassetlaw Teaching Hospitals (DBTH). DBTH is an NHS Teaching Hospital Foundation Trust with one of the busiest emergency services in the country.
DBTH serves a population of more than 420,000 across south Yorkshire, north Nottinghamshire and the surrounding areas and runs three hospitals: Doncaster Royal Infirmary, Bassetlaw Hospital in Worksop and Montagu Hospital in Mexborough.
Microsoft Identity Manager replaces manual processes
With more than 6,800 IT users across the Trust, DBTH was faced with many issues with regard to system/data access and security, as Head of ICT, Nigel Hall, explained.
“Keeping up to date with regular staff changes with our existing manual processes was simply not working. We could not ensure that new starters got access to the systems they needed in time, or leavers’ access was removed from the system promptly. This meant that both employee productivity and security were being comprised. So we knew we needed to implement an automated system. “
After reviewing the options available, and a thorough procurement exercise, DBTH decided on implementing Microsoft Identity Manager (MIM), an integral part of the Enterprise Mobility + Security (EMS) solution.
“Using the NHS Electronic Staff Record (ESR) system as the ‘gold standard’ for employee data, we wanted to ensure the information on this system was reflected throughout out entire IT infrastructure,” explained Nigel.
“This would guarantee that as soon as changes were made to ESR, they would be quickly reflected in all the relevant IT systems.”
Customised ESR to MIM connector As MIM was a new system to the Trust, they looked for an experienced partner to help them implement it and ensure they were getting full value out of their investment.
After a thorough procurement exercise, DBTH eventually chose Identity Experts (IE) to help them. “I had known staff from Identity Experts for a number of years,” said Nigel. “So, I was familiar with both their expertise and experience in working with MIM. In addition, they were able to offer a unique customised connector from ESR to MIM that would make the task so much easier.”
Identity Experts’ consultants started the project by completely understanding the existing paper-based processes that were involved with creating new accounts. This enabled them to then configure MIM to ensure that when a new record was created in ESR it automatically took care of creating the relevant Microsoft Active Directory (AD) record to ensure staff were given immediate access to the systems and data they needed to do their job.
They also setup the system to take a feed from an in-house application to handle generic, and non-staff accounts. Generic outbound feed from ESR for easier MIM integration “
The IE staff demonstrated a real understanding of the needs of an NHS establishment in this area from day one,” said Nigel.
“This insight was reflected in the fact that they were able to explain to us how we could enable a new generic outbound feed from ESR to more easily integrate with MIM.”
IE consultants then implemented a customised setup of MIM and trained the relevant DBTH staff to ensure they would be able to more easily maintain the completed system going forward.
“The whole project took just under 3 months,” said Nigel. “All the way through I was impressed with IE’s professionalism, ready availability and expertise in identity management.”
Improved day-to-day management of identities and access Now that the system has been running for some time, DBTH are fully able to realise the benefits of their MIM investment, as Nigel concluded, “The time consuming and manual process we had previously has been made completely redundant. Now, with the automated and standardised ESR to MIM to AD integration, a change in ESR automatically updates all our other systems.
“Not only does this improve new starter productivity, it also ensures leavers have access to sensitive systems and data removed promptly, helping to improve our overall security. It also helps in the day-to-day management of identities and access. Now, we can quickly and easily link staff to a particular Care group or assignment in ESR, and their IT access will then be automatically granted.
“I feel confident that with IE’s help and ongoing support our identity management and security within the Trust is now in safe hands.”