Case Study: Tackling CIAM Challenges During the PandemicCIO Aaron Miri of UT Health Austin on Overcoming Hurdles
The federal ban on funding for a national unique patient identifier adds to the complexity of customer identity and access management, especially when dealing with new patients during the COVID-19 pandemic, says Aaron Miri, CIO at University of Texas at Austin, Dell Medical School and UT Health Austin.
"When we say 'customer' in healthcare, we are actually talking about everybody, from internal customers all the way to the patients that you care for and people who are unknown to you in the community that can walk in your front doors … at any given point," he says in an interview with Information Security Media Group.
During the distribution and administration of COVID-19 vaccinations, CIAM challenges intensify, he says.
"Because of a lack of a national patient identifier, it made our work infinitely harder to uniquely identify who you are," he says about tracking those seeking COVID vaccinations.
"We got you prioritized based on what the state of Texas was requiring for vaccination, and then we made sure we followed you throughout your entire journey - from your first shot and your second shot - and that you were not inadvertently getting a Moderna shot when you should be getting a Pfizer shot. All of that is critical and gets back to identity and access management."
To help sort out patient identities, UT Health Austin uses "algorithms to scrub the data to ensure the same individual is not registered in the system twice using different identifiers," Miri says. "We did a good job eliminating duplicates."
Meanwhile, when it comes to internal customers at UT Texas Health as well as at the University of Texas and its Dell Medical School, the organizations use multifactor authentication on the front end for all faculty and staff, he says.
At clinics, the organizations combine multifactor authentication with Badge Tap software for ease of use, he says. "The healthcare environment is a very mobile and fluid one, with clinicians using multiple systems and multiple applications in the course of the day."
In the interview (see audio link below photo), Miri also discusses:
- BYOD challenges, including those involving pediatric patients;
- Other device identification issues;
- ID and access management challenges involving staff;
- IAM and CIAM developments likely to emerge after the pandemic.
Miri is CIO of The University of Texas at Austin, Dell Medical School and UT Health Austin. He is also a member of a federal Health IT Advisory Committee established under the 21st Century Cures Act. Miri also serves as an adviser to the National Academy of Medicine on healthcare privacy and security. He previously served as CIO for security vendor Imprivata.