Why the NHS Needs Single Sign-on

There are many benefits of single sign-on and the NHS could be a big beneficiary. In this blog, I’ll discuss the importance of a single sign-on implementation for the NHS and its potential to help staff save valuable time.

Like most of us, I am very mindful of the tremendously hard work NHS staff are doing right now. I have nothing but praise for their dedication and the sheer humanity that has led them to their particular careers.

This is at least partly responsible for the frustration I feel when I see that technology, which should be an enabler for NHS staff, lets them down. An aspect of this which I find particularly irritating is the lack of coordination around signing into different systems.

I know from my own work experience how incredibly annoying it is to have to sign in to different devices and applications during the course of a day to do my job. Still, I am fully aware that at worst doing this interrupts the flow of my thoughts and adds a few minutes to my day. But for people working in the NHS, it can be so much more than a minor interruption.

So it’s good to see that the Government has just launched an initiative that will reduce NHS staff login times by providing £40million to address three areas of this problem.  These areas are:

  • working with IT system suppliers to standardise logins and provide multi-factor logins, like fingerprint access, rather than password-led logins
  • ensuring trusts update their processes to give staff appropriate access permissions for the systems they need to treat patients;
  • and integrating local and national systems so staff can access the full range of clinical and workforce systems to support their needs.

In announcing the programme the Government cited an example from Alder Hey Hospital in Liverpool which has implemented a single sign-on technology that’s reduced signing on time from 1 minute 45 seconds to just 10 seconds. This has to be good news.

For people working in the NHS, the ‘sign-on problem’ must be really exasperating at times. Imagine a scenario where a clinician wants to get information about a patient having travelled from an office to the bedside only to have to sign in to the same system for a second time and another scenario where separate sign-ons are required to gather needed information from different service providers.

How frustrating would that be? And how much time is spent on doing this kind of thing that could be spent on other aspects of work? The Government says that at Alder Hey there are over 5,000 logins a day. If each one has been reduced from 105 seconds to 10 seconds that’s more than 130 hours a day saved.

Single sign-on is becoming more and more prevalent in a wide range of situations, with businesses large and small recognising the benefits it brings. These aren’t just about saving time, as important as that is.

Security is enhanced by using single sign-on.  We’re not very good at creating different passwords for different applications or devices. We use weak passwords if the system lets us get away with it, and we’re inclined to repeat the same password on different applications or devices. This is because our brains aren’t wired to remember complex combinations of words, letters and symbols. In general, for things to be memorable, they have to be familiar.

Then there’s the problem of forgetting to log off when you move away from a device. So anyone could come along and sneak a peek at all your stuff – whether you logged on with a simple password or a really complex one.

Why should people have to go through the rigmarole of creating and remembering multiple complex passwords when this is entirely unnecessary and more secure and user friendly sign-on systems exist? I suspect the answer, broadly, is that those people responsible for IT and data security in organisations often have their minds on other things like patching software, protecting networks against intrusions, dealing with software and service providers, and so on. Those poor end-users who are on the receiving end of all the technology can be deprioritised.

At Secure Drives, I’m delighted to see the Government try to fix the sign-on problem in the NHS and put end-users’ needs right at the front of the queue, and I really hope the problem is solved quickly so that right now when people in the NHS are working harder than ever, they can claw back some time and reduce frustration created by multiple sign-on. They really shouldn’t have to worry about this kind of thing when solutions exist.