As a nurse manager at University of Iowa Hospitals and Clinics, Julie Schafer frequently uses her electronic identities to log into both health care and university systems—and until recently, had to stop and think which password to use.
HealthCareID and HawkID passwords are now automatically synced when a password is changed, eliminating confusion over which one to use. Within seconds of a password change, both passwords match and there’s no need to change the other one manually. More than 13,000 people have had their passwords automatically synced since the feature was introduced in October 2019.
“Before the sync I would often forget that I needed to use my HawkID password to log into Employee Self-Service. I would enter my HealthcareID password and not be able to access it, then would have to recall what the other password was,” Schafer says. “The sync has definitely saved time and frustration.”
The change is one of several efforts underway to enhance collaboration across Health Care Information Systems (HCIS) and OneIT to better serve the entire campus.
The long-term vision is a fully integrated IT environment that supports the breadth of university activities and enables success in teaching, research, and health care. University leaders announced the partnership in fall 2017, noting that collaboration is key to keeping pace with increasing demand for IT.
“There are two drivers for integrating our IT environment,” says Lee Carmen, associate vice president for IT and CIO of University of Iowa Health Care. “We want to make the IT experience as seamless as possible for customers, and identify areas we can partner to reduce operational and capital expenses.”
A joint IT security office
One of the first changes was merging the IT security offices. The integrated approach enabled the team to optimize policies, processes and procedures, creating a more consistent experience for academic and health care users. Sharing talents, tools, and expertise strengthened security across the entire institution through the ability to cost-effectively leverage scale amid rapidly growing security demands.
“Having a single team provides the structure to respond to unpredictable security incidents faster and more consistently, and in turn has led to a more proactive ability to prevent even more security incidents from occurring,” says Shari Lewison, the university’s chief information security officer.
As the team adopted a common infrastructure to prevent and mitigate cyberattacks, numerous metrics have been developed to track the effectiveness of the expanded monitoring and alerting capabilities.
Real-time security dashboards are now meeting the needs of technical operations teams, including the HCIS and ITS Help Desks, email administration teams, and server administration teams.
With those tools, the security team routinely monitors metrics like the average number of system security alerts—well over 13,000 per week—to watch for anomalies, and the average number of intrusion-detection events per day. A sharp spike in intrusion attempts could signal that a phishing campaign is on the horizon, or that cybercriminals are on the hunt for vulnerable systems.
A single electronic identity
HCIS and OneIT have agreed on a long-term course to move to a single electronic identity, which will greatly improve the experience of faculty, staff, and students—especially those who interact with both health care and university IT systems.
HealthCareID and HawkID passwords are now synced when changed, reducing confusion among users over which username and password to use. Planning continues on migration to a single identity so users will only need to remember and manage one set of credentials.
One email and calendaring system
Integration plans also call for a single email and calendaring system that will simplify tasks like scheduling meetings and sharing documents. Health care users will be migrated from their current service to the Office 365 service managed by OneIT.
Nearly 400 medical students have already transitioned from the health care email system to Office 365, and a schedule is being developed to move the rest of the health care accounts.
More flexible, cost-effective communication tools
Skype for Business is a system that uses the internet (Voice over Internet Protocol, or VoIP) to make phone calls. It’s being implemented across campus to replace traditional telephones on campus within the next few years, saving on infrastructure costs and providing more flexibility and features to users.
Features include instant messaging, presence, online meetings, and voicemails delivered directly to email inboxes. Skype for Business can be used wherever there’s an internet connection.
HCIS will manage the service for the entire campus and everyone will move to the latest version of Skype for Business. Equipment for the migration is being configured.
A common platform for requesting technical help
Behind the scenes, OneIT and HCIS are collaborating to get OneIT onto Cherwell, the platform the hospital uses to manage its Help Desk and many other IT services.
Having a common platform will make it easy to pass customer requests for technical support across health care and OneIT to get people to the right place for assistance. A future phase of the project will introduce a customer portal so that all campus users go to one convenient place to request services or technical help and can easily track the status of their requests.
HCIS and OneIT also continue to build and strengthen relationships through IT community events, joint leadership team meetings, leadership-development programming, and job rotations and shadowing in the SPARK program.
“With two outstanding IT organizations, we are well-positioned to leverage our complementary strengths and the scale of large operations to benefit the entire university,” says Associate Vice President and Chief Information Officer Steve Fleagle. “We believe this is an important direction for our future to deliver the critical IT services needed for education, research, patient care, and outreach.”