About Clark & Daughtrey
Established in 1949, Clark & Daughtrey Medical Group, P.A. is one of the oldest and largest medical practices in central Florida. Clark & Daughtrey is a multi-specialty practice based in Lakeland, Florida. The group consists of 50+ physicians and other medical providers who work in 25 specialties, including primary care, cardiology and oncology.
Clark & Daughtrey's small IT staff is responsible for managing the group's entire technology infrastructure and supporting 325 employees across 30 offices. "We're always looking for ways to use technology wisely," said Nicholas Ivon, director of Information Systems for Clark & Daughtrey Medical Group, P.A. "To that end, we needed a better way to safeguard electronic medical records—and alleviate password management issues. Managing user credentials across disparate systems was a challenge. We needed a more efficient way of managing them."
To access critical applications, Clark & Daughtrey employees had to remember nearly 25 different passwords. "Because of HIPAA concerns, we don't allow our employees to write down their passwords," said Ivon. "With so many passwords to remember, users often forgot them, creating a situation that was taxing on our IT staff. When any one of our 50 providers forgot a password, we had to scramble to get them back in business. You simply can't run a first-class, multi-specialty physician group practice effectively with this manual approach to password management."
Clark & Daughtrey considered various solutions, and found SecureLogin to be the standout choice. "Other products didn't offer the directory integration we needed," said Ivon.
"We found SecureLogin to be a very solid product with all of the functionality we wanted," said Ivon. "Novell (now a part of Micro Focus) has the best directory services in the world, and I wanted tight integration with our existing network directory. SecureLogin works with several directory types so I knew that if we had to switch directory services in the future, we wouldn't lose our existing technology investment."
Clark & Daughtrey deployed SecureLogin and Modular Authentication Service, in combination with a fingerprint biometrics solution. Users now provide their user ID and password, as well as their fingerprint, and gain single sign-on access to the applications they need. These include the organization's practice management system, electronic medical records, GroupWise®, hospital terminal emulation, Nortel voice/fax/email integration system, electronic billing, automatic call distribution, a homegrown document management system as well as extranets and hospital radiology systems.
The single sign-on/biometric solution has benefited employees across Clark & Daughtrey. "SecureLogin accelerates users' access to data, while ensuring that sensitive information is protected," said Ivon. "Providers no longer have to worry about delays accessing the records they need, enabling us to provide better patient care."
The single sign-on/biometric solution dramatically increased the security of Clark & Daughtrey's e-medical records and plays an integral role in its compliance with regulatory requirements. "Using SecureLogin, we have greater confidence that we're complying with HIPAA requirements," said Ivon. "When users enter their credentials, we know they're only getting access to the information they are authorized to view. In an increasingly regulated and complex healthcare environment, these assurances are essential."
SecureLogin encompasses critical security audit capabilities. "Without this type of security solution in place, a user could log in using someone else's credentials to access records they shouldn't be and there would be no way of verifying who was actually in the system," said Ivon. "SecureLogin helps prevent those kinds of problems."
The solution has also significantly improved staff productivity. "SecureLogin has proven very effective at increasing employee efficiency," said Ivon. "Managing a large number of user credentials manually was a big waste of time for both our IT staff and our providers. SecureLogin has eliminated these issues. We no longer have to spend time on password resets, and we can on-board a new application with single sign-on in a matter of hours. As a result, my team has become much more proactive and the organization has realized a fast return on investment. In fact, we estimate the solution paid for itself in just over nine months."
"Another benefit of SecureLogin is the ability to create proactive notifications and self-healing applications," said Ivon. "Depending on the problem, we can send automated e-mail notifications to our IT staff, and in some cases simply fix the problem on the spot. This greatly improves the end user experience, and frees our IT personnel to focus more on project initiatives."