Identity + RBAC Tighten Security in Healthcare

As worries about coronavirus (also known as COVID-19) mount daily, healthcare and health care organizations work valiantly to deliver quality healthcare. Potential exposure of health care workers to COVID-19 risks further shortages of hospital staff and clinical service providers. This presents a security challenge in rapidly authorizing individuals to fill needed roles as they are temporarily vacated. Role-based access control (RBAC) has long been the standard many organizations adhere to when establishing security and limiting access to resources. In a rapidly changing environment RBAC alone falls short of meeting data privacy and security needs. Implementation of role-based access controls (RBAC) alone no longer aligns with the needs of modern healthcare or the incorporation of cloud software and ecosystems. RBAC indicates the use of static roles and groups to restrict access to sensitive data and critical systems with a set it and forget it mindset. In the past RBAC alone was sufficient, but cloud migration strategies and a fluid workforce require time-bound access to maintain proper governance. Healthcare organizations have a dynamic structure and must accommodate individuals working in varying shifts, multiple clinics, or research areas, which requires shifting permissions depending on their duties at a given time. RBAC alone simply cannot keep pace with modern healthcare security needs.