We implemented an IAM solution for CHUV using the Evidian Identity and Access Management product.
We first addressed the challenges of identity management for large-scale teams by setting up the identity management stack of Evidian IAM. We addressed the complex issue of managing roles by using the product’s customisation capabilities and, more precisely, custom Java code to define a complex Role-Based Access Control matrix. The matrix’s main dimensions were function, location and application.
We configured delegated administration at the business manager level to handle rapid re-assignment of medical staff. This way, business changes (such as a nurse changing service) are quickly translated into application roles, and thus into correct application access.
Emergency situation management was implemented using the “Break Glass” concept: emergency access to patient information can be quickly given to medical staff even if it was not initially configured. Exceptions granted in these specific cases are traced in the central IAM solution, and managers are immediately notified.
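The sketch below illustrates the two mechanisms described above: role lookup in a function × location × application matrix, and a break-glass path that traces the exception and notifies the manager before returning access. It is an added example in plain Java, not the project's code and not the Evidian API; every class, role and user name in it is hypothetical.

```java
import java.time.Instant;
import java.util.*;

// Added illustration; plain Java, no Evidian API. All names are hypothetical.
public class RbacMatrixDemo {
    // One cell coordinate of the matrix: function x location x application.
    record Cell(String function, String location, String application) {}
    record AuditEvent(Instant at, String user, String manager, Cell cell, String reason) {}

    private final Map<Cell, Set<String>> matrix = new HashMap<>();
    private final List<AuditEvent> auditLog = new ArrayList<>();   // stands in for the central IAM trace
    private final List<String> notifications = new ArrayList<>();  // stands in for manager notification

    void grant(String function, String location, String application, String... roles) {
        matrix.computeIfAbsent(new Cell(function, location, application), k -> new TreeSet<>())
              .addAll(Arrays.asList(roles));
    }

    // Normal path: roles come only from the matrix; an unconfigured cell means no access.
    Set<String> rolesFor(Cell cell) {
        return matrix.getOrDefault(cell, Set.of());
    }

    // Break-glass path: used only when the matrix grants nothing. A reason is mandatory,
    // the exception is traced before access is returned, and the manager is notified.
    Set<String> breakGlass(String user, String manager, Cell cell, String reason) {
        if (reason == null || reason.isBlank())
            throw new IllegalArgumentException("break-glass requires a stated reason");
        Set<String> normal = rolesFor(cell);
        if (!normal.isEmpty()) return normal;             // no exception needed
        auditLog.add(new AuditEvent(Instant.now(), user, manager, cell, reason));
        notifications.add(manager + ": " + user + " used break-glass on " + cell.application());
        return Set.of("EMERGENCY_READ");                  // constructed role name
    }

    public static void main(String[] args) {
        RbacMatrixDemo iam = new RbacMatrixDemo();
        // Constructed sample matrix entries.
        iam.grant("nurse", "cardiology", "patient-records", "READ_CHART", "WRITE_VITALS");
        iam.grant("physician", "cardiology", "patient-records", "READ_CHART", "PRESCRIBE");

        Cell assigned = new Cell("nurse", "cardiology", "patient-records");
        Cell unassigned = new Cell("nurse", "emergency", "patient-records");
        System.out.println(iam.rolesFor(assigned));    // configured cell
        System.out.println(iam.rolesFor(unassigned));  // not configured: empty
        System.out.println(iam.breakGlass("nurse01", "manager01", unassigned, "patient transferred from ER"));
        System.out.println(iam.auditLog.size() + " audit event(s); " + iam.notifications);
    }
}
```

Writing the audit record before the emergency role is returned means no break-glass access can exist without a trace, which is the property the notification to managers relies on.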