COVID-19 surge readiness: use cases demonstrating how hospitals leveraged digital identity access management for infection control and pandemic response

SSO enabled clinicians to attest being symptom free at shift start

During an outbreak of a highly transmissible pathogen such as SARS-CoV-2, clinicians can inadvertently spread infection across the hospital. Having clinicians attest at the start of shifts that they were symptom free was critical to reducing viral spread. However, the symptom attestation process must be simple and rapid to ensure compliance and avoid disruption of clinical workflows and care delivery. To enable such rapid attestation and reduce the risk of clinicians adding to the facility burden of infection, hospitals needed a way for clinicians to log in and attest to ‘absence of symptoms’ with real-time reporting. Employees not providing care needed to be differentiated from those working in a clinical setting with elevated transmission risk to vulnerable patients and clinical colleagues.

A capability for attesting to the absence of COVID-19 symptoms was implemented which did not require all hospital staff but only clinicians at greatest risk of infection transmission to attest. Hospitals leveraged SSO to enable reporting of symptoms among only clinicians through a home-grown survey application that assessed for COVID-19 symptoms according to guidelines iterated by the US Centers for Disease Control and Prevention. This survey function was linked to SSO via an application programming interface so that when a user logged into a workstation, clinicians were automatically prompted to respond. There was no need to enter a username or password to log into symptom attestation, and multifactor authentication enabled users to quickly verify their identity easily and securely.

Hospitals implemented this functionality so it would not be intrusive and would only prompt clinicians once per 12-hour shift at shift start. Clinicians simply tapped their proximity card when prompted in the health attestation, confirmed they were symptom free, and could then begin work. Responses indicating a clinician could be positive for SARS-CoV-2 infection were automatically transmitted in real time to the hospital infection control team for review and appropriate response.

SSO deployed for exposure and contact tracing of facility clinicians

Yale New Haven Health, a system with seven hospital campuses, created a real-time process to monitor exposure and infection spread by using SSO workstation login records to help track and reduce risk of transmission from potentially exposed individuals. SSO reporting capabilities coupled with location logs enabled identification of exactly where and when users accessed specific workstations across all patient care areas, including those with infection risk. SSO audited the activity of clinical users when users authenticated to workstations, including user identity, workstation and date/time. Audit data retrieved from SSO cross-referenced with the known location of workstations (eg., Nurses Station 3 East) enabled granular infection contact tracing.

Combined with EHR data and workstation mapping, Yale first deployed SSO to accurately track infection exposure and transmission risk for measles and used the same approach to control facility spread of SARS-CoV-2. As clinicians are at risk of contracting infection when treating infected patients and may be exposed before patients exhibit symptoms, SSO detected if clinicians accessed a workstation near a patient or another clinician who subsequently tested positive. The real-time data generated by SSO enabled the facility to identify clinicians who had been in patient care areas where there was high potential risk of exposure and contracting infection.

Yale used multiple data points such as staffing lists to assess risk, while SSO conveyed granularity to identify specific users accessing workstations in units at elevated risk of infection exposure. With SSO providing the date and time of access, and how long it was used (duration of exposure), hospital infection control identified clinicians potentially at risk who accessed a workstation near a patient who was confirmed positive. This was accomplished by analysing data SSO collects when clinicians tap their proximity badge to access a workstation. By matching SSO audit data to location of workstation and patients confirmed positive, hospitals in future surges can determine which specific users were in areas with elevated risk of infection, for how long, and the infection control team can take necessary steps to interrupt further disease transmission. Leveraging SSO data in such a manner can be a powerful tool for infection control teams working to minimise pathogen spread during unexpected or novel outbreaks.

SSO deployed to enable mandatory clinician temperature checks/reporting

During COVID-19 surges, hospitals required clinicians to check and report their temperature twice per shift to monitor for potential infection. Hospitals and health systems with SSO, such as Yale New Haven Health, developed and deployed a home-grown internet-based application to support this workflow that was minimally disruptive for clinicians. Integrated with SSO, clinicians were able to badge tap into a workstation and access the application to report their temperature, ensuring the added workflow was fast and easy to complete. SSO also provided audit data to help hospitals track compliance with the twice per shift temperature reporting requirement. Here again, hospitals identified a use for SSO that was beyond its original design intent, but which delivered critical value in managing the crisis precipitated by COVID-19 volume surges.

Inpatient telehealth consults and virtual inpatient rounding in isolation units to reduce infection risk and consumption of personal protective equipment

During pandemic response, hospitals needed to minimise non-essential in-person interactions between care providers and infected patients to mitigate infection spread and to conserve limited supplies of personal protective equipment. Hospitals such as Nebraska Medicine, and in the UK the Royal Surrey NHS Foundation Trust, used iPads/mobile tablets or smartphones to facilitate on-site telehealth sessions with infected patients in isolation. Hospitals enabled clinicians to conduct clinical televisits without elevating clinician exposure/infection risk. Reducing contact with infected patients was critical to reducing viral exposure and transmission within care delivery settings. Royal Surrey used Ascom smartphones and the Attend Anywhere video consulting application for virtual rounds in the intensive care unit (ICU), with one physician rounding in person while linked remotely to colleagues.

To ensure patient confidentiality, a unique sign-on for each inpatient telehealth encounter was needed, and it was imperative to institute a hands-off login process. A comprehensive mobility solution (Imprivata GroundControl) was implemented at Nebraska Medicine to deliver automated provisioning, secure checkout and fast access to devices and applications. Clinicians tapped their proximity card on a docking station to check out a tablet for their shift. When accessing applications on the device, proxy credentials eliminated clinician need to manually type username/password. This enabled hospitals to automatically provision and digitally sanitise shared tablets, ensuring patient privacy through compliance with the Health Insurance Portability and Accountability Act (HIPAA), and helped hospitals set up, personalise and secure shared tablets. When finished, the device was returned to the docking station to be reset/cleaned and recharged for the next user.

Mobile devices enabled virtual visits between isolated patients and families

During COVID-19, hospitals instituted patient visitation restrictions to reduce risk of spreading infection. Patients—some at risk of death—were isolated from and unable to communicate with loved ones. Enabling virtual visits between isolated patients and family members on shared mobile devices was an important and humane part of care delivery during the COVID-19 crisis. A mobility solution for clinician telehealth encounters with isolated patients also enabled hospitals such as the University of Rochester Medical Center (URMC) to provide patients iPads/tablets for safe family visitation without sharing air space with infected patients.

Mobile devices allowed quick and secure access to conferencing applications, enabling virtual inpatient family visits without risk of infection. Consumer chat applications such as Skype, Facebook Messenger and FaceTime were deployed with requisite privacy and information security measures. In providing iPads to patients for communication with visitors, URMC needed a way to provision, configure, wipe clean and reset devices back to a ready state for next patient use. In addition to physical disinfection, with SSO and a mobility solution it was possible to digitally sanitise identity on shared iPads/tablets while they were recharged to set up and secure the devices for use by other patients. In the UK, the Royal Surrey NHS Foundation Trust also provided virtual visits for patients in isolation, repurposing shared mobile devices accessed through SSO. A link sent to the patient’s family connected to the virtual meeting with the patient, and at session end patient access was tapped out and the device cleared and cleaned for next patient use.

SSO rapidly authenticated into mobile devices without touching screens

During the pandemic inpatient nurses used mobile devices to share real-time patient vitals with remote physicians (e.g., in the ICU). Manual login while gloved is difficult and consumes time. Sharing mobile tablets increases risk of spreading infection, and during surges hospitals used SSO to enable staff to tap their badge to log in and out of devices during clinical care delivery. The Cambridge Health Alliance deployed SSO into their ICU Microsoft Surface Pro tablets to log in simply and rapidly and connect with remote physicians. SSO enabled badge tap in for instantaneous touchless access, mitigating infection risk and facilitating real-time communication with remote physicians.

Secure access enabled for rapid expansion of personnel working remotely

Patient volume surges increased the risk of hospital-acquired infection among attending clinical but also administrative personnel not involved in care delivery, and hospitals rapidly expanded the number of workers shifted to remote work. New York City Health+Hospitals (NYCH+H) sought to enable some clinical personnel, such as consultants, to work remotely when feasible. Remote workers needed network access that protected confidential patient medical information and secured against unauthorised access by cybercriminals taking advantage of COVID-19 to perpetrate phishing attacks.2 Multifactor authentication was needed to help hospitals ensure information security as their remote workforce expanded. A solution providing fast, secure multifactor authentication for remote access, Imprivata Confirm ID, was provided to hospitals such as NYCH+H and Children’s Hospital of the King’s Daughters in Virginia. It enabled rapid expansion of secure access for remote workers with minimal disruption of critical workflows. Coventry and Warwickshire Partnership Trust in the UK was able to deliver secure home/remote work for more than 4000 staff from 60 different locations in several days.

SSO monitored attendance of temporary workers

COVID-19 surges forced many hospitals to rapidly ramp up temporary clinical and other staff. A challenge hospitals faced was a need to enable secure access and monitor staffing and work attendance of temporary workers to ensure appropriate staffing needs were met and to enable related financial processes. NYCH+H deployed SSO to enable temporary workers to badge log in at the beginning of shift, just as it does for permanent staff members. SSO authentication enabled hospitals to confirm when temporary workers had started their shift. This eliminated need for additional solutions to address this requirement, alleviating an operational concern during the pandemic when temporary workforces were alternately expanding rapidly and subsequently contracting as patient volume surged and waned.