QUANTUM SECURE - the power to converge

	Title	Size
	QS_SAFE_Healthcare_Solution	495.35 KB

Solutions Overview: SAFE for Healthcare

The majority of today’s healthcare organizations have vastly disparate systems and applications that manage and process employee identity credentials for facility access. Access to areas such as birthing centers, operating rooms, emergency departments, in-patient psychiatric units, pharmacies, pediatric in-patient units, laboratories and parking structures are all managed separately, in different systems with disconnected operations. And with this disparate organizational makeup comes a host of new challenges for healthcare facilities and their Security Administrators: a multitude of vendors, employee and contractor types and role-based facilities access that needs to be managed; federal, state, and local regulatory requirements that must be met; and evolving technologies that, while designed to layer in additional levels of security, can introduce new, costly complexities.

Now more than ever, physical identity management systems that automate the identification and authentication of employees, contractors and third-parties are critical to managing the siloed processes and physical access control systems (PACS) within these healthcare organizations. It appears to be a complicated and daunting task but one that cannot be deferred, for the greater safety of hospitals, their affiliates, employees, contractors, vendors, and patients.

SAFE HEALTHCARE SOLUTIONS

SAFE for Healthcare Facilities Access is part of the SAFE suite of products, a converged approach to the challenges of physical/logical security. SAFE enables security operations to manage identities within disconnected/multi-brand physical security systems and integrate them under unified policies that align with enterprise IT systems including SAP, PeopleSoft, Oracle IDM, IBM Tivoli, Sun IDM, IDMS systems, Kronos, LDAP, and ActiveDirectory.

SAFE provides:

Cardholder’s identity & access management
Regulatory compliance/reporting
Policy/rules & process management
Card & metal key management
Biometric capture & authentication
Visitor management

SAFE FOR HEALTHCARE FACILITIES ACCESS

Quantum Secure’s SAFE suite of products addresses this problem by providing a security management system tailored to the specific standards, processes, and challenges of the healthcare industry. SAFE for Healthcare is built to fit the way you operate, seamlessly automating manual workflows and processes across human resource, workforce and employee management and clinical asset management applications. SAFE enables healthcare facility Security Administrators to manage facility access of staff and vendors through role-based access control, increases staff productivity via self-service security portal and drives DEA, FDA, HIPAA compliance via the SAFE compliance regulator. Powered by a unique policy and business rules engine, SAFE is a commercially off-the-shelf (COTS) solution designed to handle the complexities of physical access and privileges for healthcare facilities, airports, government organizations and enterprise corporations. SAFE interfaces with a wide variety of PACS in real-time, to enforce centralized policies/rules across the heterogeneous physical security infrastructure and IT applications. SAFE for Healthcare will optimize security organization’s performance by connecting people, information, and policies across your facilities regardless of the underlying physical security access controls system.

The SAFE application suite brings together, integrates with and supports all brands of physical access control systems, IDMS, HR, and LDAP systems, along with other custom IT applications and physical security systems. SAFE also provides healthcare-specific workflows and controls in its application suite, such as:

Vendor profile management system to manage multitudes of employees, third-party vendors, and contractors working in different parts of the healthcare organization
Regulatory compliance system to manage complex facility access policies, approvals, denials, sponsor information tracking, and change management to help keep a healthcare facility always in compliance with JCAHO and regulations like HIPAA, FDA, DEA, Sarbanes Oxley, etc.
Biometric positive identification system to capture, store, and verify a user’s identity and background checks
Metal key management system to provide optimum retrieval and tracking of issued keys and linking the key management with roles and policies affecting an identity
Visitor management system to track patients and patient visitors with simple workflows

SAFE INTEGRATES AND INEROPERATES WITH PACS, LOGICAL IDENTITY, AND HEALTHCARE-SPECIFIC APPLICATIONS

SAFE handles the complexities associated with an employee working in multiple healthcare facilities, for different employers, in different capacities, and requiring various levels of physical access. For example, card expiration policies ensure that the card is expired based on defined trigger points (specified expiration time by an external entity, HIPAA or FDA compliance laws, termination of an employee as defined in the HR/LDAP systems, or a report of a lost/stolen card, etc.). Upon issuance of a card, policies determine the access levels of the cardholder and grant them automatically at the PACS level, binding relevant biographical / biometric data of the applicant with the card, along with the digital certificate validation (PKI) if available. The whole process is automated with no error-prone human intervention.

In addition, SAFE integrates with variety of biometric systems (fingerprint, iris scans, etc.) to ensure that identities are authenticated before entry is permitted into restricted physical areas within the healthcare facility.

Business Driver	Solution	The Benefits of SAFE
Cost Reduction Productivity Process Improvement	Access and role management Provisioning / de-provisioning HR access & integration Time management	Full automation and integration with all PACS brands, as well as IDMS/HR/Directory systems like LDAP, MS Active Directory, Oracle IDM, IBM Tivoli, Sun IDM, SAP, PeopleSoft, Kronos, etc. Automated configurations for different PACS Centralized “access privileges” management Role- and time-based access control rules across all PACS Workflow-based centralized cardholder identity and on-board/off-board process management Access control grants, revocation, modification, and user entitlement management across heterogeneous physical and IT systems Enables secure Web-based single sign on
Regulatory Compliance	Restricted zone management Enforced separation of duties Biometric capture & authentication Health screening and testing Background checks	PACS management under strict security and organizational controls Common-policy physical access privileges management of employees and contractors Customizable, granular and entity level delegated administration Policy-based PACS clearance assignment enforcement
Risk Management	Security event management Situation management Statistical trending & follow-up reports	Easy-to-use, Web-based security event reporting and interface Correlation of security data from multiple devices and events Business rules alerting Statistical and behavioral physical anomaly detection Critical event detection Vulnerability management Centralized, secure management of access rights and centralized audit logs

SAFE’s technical architecture is designed to handle data communication securely, with guarantee of service across LAN / WAN networks and among multiple organizations. For example, a hospital and another healthcare facility can easily share information related to an identity of a person in a secure and user-defined method. With SAFE, once-redundant and costly efforts associated with identity management and security for controlling access to different physical environments is now simplified through a common, integrated framework that works for both physical and IT security departments.