Imprivata Boosts NHS Security with Passwordless Access

Imprivata has unveiled a significant upgrade to its security platform, specifically tailored to help the UK’s National Health Service and other healthcare providers navigate a complex regulatory environment. The enhancements focus on delivering passwordless authentication and robust identity management, directly addressing critical standards like the Cyber Assessment Framework (CAF)-aligned Data Security and Protection Toolkit (DSPT) and the Care Identity Service (Spine) Authentication. This move aims to streamline clinical workflows while simultaneously fortifying cybersecurity defenses across the healthcare sector.

The core of this initiative is the Imprivata Enterprise Access Management (EAM) platform. It now integrates context-aware passwordless login, high-assurance identity verification, and AI-driven behavioral analytics. This combination is designed to eliminate common access hurdles for medical staff, allowing faster entry to patient records and clinical systems, all within a more secure framework that meets stringent UK compliance demands.

Fran Rosch, CEO of Imprivata, emphasized the dual benefit for healthcare organizations. “NHS Trusts consistently turn to our solutions to remove obstacles from their daily workflows while enhancing security,” Rosch stated. “With the expanded EAM platform, we are providing the tools to meet new operational and compliance challenges head-on. This ensures clinicians can access vital resources quickly and without interruption, which directly supports patient care.” He further noted that delivering these security and workflow advantages from a single, comprehensive system helps control costs and maximize technology investments, a crucial consideration in a climate of tight budgets.

The update responds to specific pressures facing UK health and care systems. There is a growing mandate to adopt modern, standards-based approaches for identity and access control. Organizations must also clearly demonstrate adherence to national frameworks, including the CAF-aligned DSPT and NHS England’s Spine Authentication service. These requirements highlight the urgent need for stronger, more verifiable authentication practices throughout the NHS.

The new EAM functionality delivers several key capabilities aligned with these priorities:

• Support for CAF-aligned DSPT & Identity Assurance: The platform’s advanced access management and passwordless features help NHS bodies strengthen their identity verification processes. This reduces dependence on shared passwords and demonstrates the multi-factor authentication (MFA) controls mandated by frameworks like the DSPT. Comprehensive reporting and audit trails are included to furnish the necessary evidence for toolkit submissions and independent assessments.

• A Seamless Passwordless Experience: For doctors, nurses, and care staff, the system offers login methods that are both secure and effortless. By moving away from traditional passwords, it alleviates login fatigue, boosts daily productivity, and aligns with the practical needs of the NHS workforce. The platform supports a broad array of authenticator types, encouraging widespread adoption of secure access without creating a cumbersome user experience.

• Role-Based Access and Audit-Ready Controls: Built-in policies that are aware of user roles and attributes ensure individuals receive precisely the access permissions they require, nothing more, nothing less. This helps NHS organizations prove they have compliant access controls in place, enhances accountability, and minimizes the risk of credential misuse or lateral movement by attackers within systems.By providing a unified access management platform, Imprivata EAM seeks to support all enterprise users and clinical workflows. It enables a consistent and seamless experience across the board. The system accommodates a wide variety of authenticator options and combinations, granting users the flexibility to choose methods that best suit their specific needs and preferences.

(Source: HelpNet Security)