How AI-Driven Identity Security Enables Clinician Autonomy episode artwork

EPISODE · Jul 27, 2023

How AI-Driven Identity Security Enables Clinician Autonomy

from Info Risk Today Podcast · host InfoRiskToday.com

Healthcare entities are "stressed," in the words of SailPoint's Rob Sebaugh, and identity security in particular has taken a steep toll. But modernization, led by AI-driven identity security, can help reduce risk and even enable new levels of clinician autonomy.

Episode metadata supplied by the publisher feed · Published Jul 27, 2023

Healthcare entities are "stressed," in the words of SailPoint's Rob Sebaugh, and identity security in particular has taken a steep toll. But modernization, led by AI-driven identity security, can help reduce risk and even enable new levels of clinician autonomy.

PodParley-generated summary based on available episode metadata and transcript content.

NOW PLAYING

How AI-Driven Identity Security Enables Clinician Autonomy

0:00 0:00
of MATCHES

TRANSCRIPT · AUTO-GENERATED

Hi there. I'm Tom Field. I'm senior vice president of editorial with Information Security Media Group. My topic of discussion today is how AI-driven identity security can enable clinician autonomy.

My privilege to be speaking with Rob Seebaugh, he's healthcare identity strategist with Sailpoint Technologies. Rob, thanks so much for taking time to speak with me today. Yeah, thank you very much. Thank you for having me.

Really looking forward to it. Rob, before we started this conversation, you described healthcare entities to me as being stressed. What do you find to be the biggest contributing stress factors? Yeah, I mean, look, healthcare is in a state of change, right?

We've disrupted the normal process for care. We've added new technology, ways to communicate with patients, expectations from patients who are evolving, right? If you look at the high volume of merger and acquisition that's happening, it's really the main point of it for most organizations is to extend the continuum of care, but that keeps adding stress. When you have data technologies, you're trying to merge things and manage who's where, what, and when, right?

Staffing is a challenge. Think about the large influx of travel nursing and those higher costs, by the way, are then passed to the patients. So when we think about the stress factors in healthcare, let's be clear, healthcare organizations, they have no money, right? Every efficiency possible that you can find to gain value and reduce operational overhead is critical to stabilizing things, right?

So we constantly talk about trying to find better outcomes for patients. And I feel like, as we look at technology to help enable that, we're a big key factor in helping healthcare organizations be successful. So with this stress, what would you say is a toll on identity security? One word explicit, right?

If you think about it, so many organizations are seeing the value of shifting a club as an example. If that they fail to realize how drastically disruptive that is for their operations, their clinical staff, their patients, think about lifting large platforms to the cloud and essentially rewriting how we manage people, how we interact with people. I will tell you just personally coming from industry that the biggest complaints out there are the ones about getting access to IT services and IT resources, right? We have to think about identity at the core, but stop causing friction in the process.

So Rob, give it what you share. How can these healthcare entities actually begin to modernize their identity programs without having to start over again from square one? Yeah, it's a great question, right? So I always talk in terms of if you sit yourself in the head of an IT organization, or your responsible, not just for the security, but the budget, the enablement of services, right?

You've made a ton of investment in a bunch of things already, right? Whether you're doing things on-prem, doing things in the cloud, the goal has to be leveraging those existing investments. It can't be time to rip everything out and do everything, you know, the way of the new vendor or whatever it might be. So we tend to talk about, or I can talk about what I call identity context.

Every one of those investments you've already made has a significant amount of data that can be leveraged for identity purposes, right? And we look at that, and we want to look at, by the way, not just your applications, but think about unstructured data, think about things that are sitting in, you know, file systems, file shares, right? We want to develop your identity footprint. We want to look at and go, hey, what are you actually doing?

What do you actually need? Enough access. Do you have too much access, right? If you carried things with you from job to job as you've been with this organization for a decade, right?

This is where we start to insert insights and intelligence then into the platform. This is where we start looking at going, hey, how do I bump all of this up against some type of peer group analysis and true data science to say, hey, is this appropriate? What does, and another great question is, can you even answer what bad access looks like, right? So we don't want to, we don't want organizations to start from square one.

We don't want to rip and replace big long-term investments. You want to compliment that, right? You want to come in, you want to understand that identity context. You want to govern inappropriately.

You want to manage and govern the right types of access, the necessary types of access, and you don't have to start from scratch, right? These are things that used to be we talked about governance only, and then it was, oh, we need to automate things. So we went and built a bunch of PowerShell scripts. We don't have to start from square one anymore.

We can start from the immediate jump point that insights and intelligence affords us. I want to ask you about some of the potential benefits we can, please, and let's start with this one here. How can you improve clinical staff retention and satisfaction by reducing friction with IT teams? Look, I'm sorry, do you have another one there?

I thought I cut you off. I got a handful there, but that's the one I want to talk about right now. How can you improve clinical staff retention and satisfaction by reducing friction with IT teams? Sure.

Look, I have a tendency of saying a well-managed identity program will, by default, provide you security and end user what we can call happiness, right? Again, back to the point, your highest friction points with any clinician staff, clinician management, anyone having to deal with requesting and approving and managing and governing access will always be unless we reduce the problem, reduce the friction will always be getting access to IT services and applications, right? We want to see clinician management as an example be enabled with information to make better decisions. We want to be able to programmatically with real data science say, hey, thumbs up, you should probably approve Tom's access because 98% of the other people in this job in this role have the same access safe to say, okay, or you want to remove Rob's access because he's the only person in an organization of 35 that has it and it doesn't seem appropriate, right?

Now, related to that, how about onboarding non-employee clinicians such as the travel nurses you talked about and be able to do that faster and more securely? Yeah. So again, your identity program is sort of like your business card. When somebody touches your organization, just think about a travel nurse, think about somebody that is literally living in temporary housing is part of your organization.

You need them to be emotionally invested and invested there, not just for the paycheck, but you know that that person can pick up and leave at any time and go somewhere else. So how do you entice that individual to stay with you? How do you entice them to work because you don't have the local talent pool that you need in order to enable the services you're trying to provide? That onboarding experience, that touch to that travel nurse is so critical because they have a bad experience and they can't do the work they came to do.

Most of these people are tenure professionals, they don't want to sit around and do nothing. They want to work. They want to help people and they don't want technology to be in the way. So removing that friction will absolutely entice them to stay and then also, by the way, doing that better governance, right?

Now we're improving security. Now we're reducing operational overhead. It's a win-win. Now, how about this?

Preventing disruption with autonomy by enabling your clinicians to make smarter and faster. Access decisions. Talk about that, Liz. Yeah.

Look, an identity program has to cleanly onboard people. It has to cleanly manage the process of obtaining access and, again, back to the whole concept of this conversation, autonomy. This is about driving the right access at the right time to the right individual, frankly, ideally without the need to even request it. We should know that this particular role needs this particular function, but things organically change, right?

A nurse may go on a maternity leave in a different department. You might have to backfill that nurse with another individual who then needs extended access across both areas, right? You have scenarios where someone is a student at night for the same health system that they work for during the day, and one day a week, they're in one facility, three days a week, they're in another facility, one week in a month, they're volunteering doing something else. Think about the ecosystem of contacts out there that we must understand and then think about how we drive better access decisions.

The only way to do that is their insights and intelligence. There's no amount of spreadsheets and manual eyes that can cover that type of ground for the complexity of healthcare. So Rob, I understand that, Tom, you understand the automation, but talk to me about this. How can modernization actually help reduce risk?

Sure. So anything manual has a potential for risk. A modern identity system enables you to intelligently certify areas of perceived risk, right? So think about using peer group analysis where we might identify that one user has retained access for a very long time.

We mentioned this a minute ago. Healthcare is very common for people to stick around. If I become a nurse in a particular area, I might be there for 15 years, and I might move around. I might move from one department to another.

Maybe I started nights in the ER and I'm working days in a whole different area. I don't want to carry that access with me to those other areas because that's risk for the organization. But the nurses don't really know what they have and what they don't. And I can tell you from personal experience that even the ones that do, they often like to keep it because it means they can still do more.

Again, this is about, we're talking about professionals that really do want to work. They want to have an impact. But if we can modernize these platforms and we can provide the right type of automation, the right type of access governance, but also the right type of process of granting access, we start to drive a more secure system for our patients and for our health systems, but we also reduce that friction on that problem, that perceived issue with getting access back. So I'm more likely to go, I don't need that now.

I'll request it when I need it because I know it's easy to get it back. I know how the approval chain works. I know that it's not going to be months and months of problems and wait times and cues. Rob, we've covered a lot in a short period of time here, but one of you might talk to me a little bit about sale point.

How are you uniquely positioned to help health care entities tackle these challenges we talked about? Yeah, sure. Look, sale points are leader in the space. Our identity security cloud, it's designed with intelligence as a foundation.

We start learning from your identity context, day one, we've got over 120 healthcare dedicated staff, right? So that's not 120 staff at sale point. There's 120 people across pre sales, professional services, customer success management, product and software development that focus specifically on provider organizations, right? Laser focused on enabling clinical environments and reducing that sort of operational and clinician management friction, right?

Additionally, statistically, look, we've got over 250 health systems at the UCL point today. That translates to well over a thousand hospitals. That's everything from small rural hospital systems to large systems, academic teaching hospitals, surgical centers, we know the business, we know identities and enabling for security and healthcare. And frankly, we're here to support those organizational goals.

Rob, thanks so much for your time and insight today. Thank you, Tom. I appreciate it. Thank you for having me.

Again, the topic has been how AI driven identity security could enable clinician autonomy. You've just heard from Rob Siba, his health care identity strategist with sale point technologies for information security media group on Tom Field. Thank you for giving us your time and attention today.

That Hoarder: Overcome Compulsive Hoarding That Hoarder Hoarding disorder is stigmatised and people who hoard feel vast amounts of shame. This podcast began life as an audio diary, an anonymous outlet for somebody with this weird condition. That Hoarder speaks about her experiences living with compulsive hoarding, she interviews therapists, academics, researchers, children of hoarders, professional organisers and influencers, and she shares insight and tips for others with the problem. Listened to by people who hoard as well as those who love them and those who work with them, Overcome Compulsive Hoarding with That Hoarder aims to shatter the stigma, share the truth and speak openly and honestly to improve lives. The Small Business Startup School – Business Notes | Financial Literacy | Retail Psychology – For Professionals & Entrepreneurs The Small Business Startup School Inc. Starting or buying a small business? While personal circumstances may vary, business patterns remain timeless. On The Small Business Startup School, we explore strategies, insights, and practical solutions to help entrepreneurs confidently navigate their journey.Hosted by Ola Williams—a retail entrepreneur, fintech founder, and financial coach with over two decades of experience—this podcast marries financial awareness and retail psychology with optimism to deliver actionable takeaways.Join us to learn, grow, and connect as we uncover the keys to business success.Let’s continue to learn together and be encouraged to keep on connecting! DIOSA. Carolina Sanper This podcast is a sacred space created by Carolina Sanper where you connect with your inner wisdom and embody your magnetic feminine power.It is the realization that the mystical realm is where you plant the seeds of your desired reality.It is a portal to your true essence: awareness, presence, and receiving with ease. Welcome home, DIOSA. 🖤 XXX Tech by SOVRYN Dr. Brian Sovryn The crossroads between technology, sensuality, and metaphysics - and the longest running anarchist podcast in the world! Brought to you by Dr. Brian Sovryn.

Frequently Asked Questions

How long is this episode of Info Risk Today Podcast?

Episode duration information is not available.

When was this Info Risk Today Podcast episode published?

This episode was published on July 27, 2023.

What is this episode about?

Healthcare entities are "stressed," in the words of SailPoint's Rob Sebaugh, and identity security in particular has taken a steep toll. But modernization, led by AI-driven identity security, can help reduce risk and even enable new levels of...

Can I download this Info Risk Today Podcast episode?

Yes, you can download this episode by clicking the download button on the episode player, or subscribe to the podcast in your preferred podcast app for automatic downloads.
URL copied to clipboard!