Health Information Exchange Featured Article

September 15, 2011

Imprivata and PhoneFactor Join to Keep Protected Hospital Information Safe

Imprivata, Inc. and PhoneFactor today announced a reseller partnership to provide phone-based authentication services to Imprivata customers, according to a PhoneFactor press release, to help healthcare facilities keep their data secure.

In just one example, the electronic medical records (EMRs) of 20,000 Stanford Hospital emergency room patients,, were posted on a commercial website, the hospital disclosed last week, according to a story by Lisa M. Krieger at The information included names and diagnostic codes.

The partnership builds upon existing technology integration between the two platforms, creating a joint solution, to help healthcare organizations identify persons who are authorized to use its data and deny access to those who are not.

The solution is offered along with Imprivata OneSign, an authentication and access management platform, and OneSign Anywhere, which “extends OneSign to remote and mobile workers from a variety of endpoint devices,” according to the press release.

Physicians and nurses at OhioHealth and EMH Healthcare have already used the joint solution to allow them access to protected health information when they are authenticated remotely, over the phone.

Imprivata OneSign and OneSign Anywhere allow authorized doctors, nurses, and other care providers fast and secure access to electronic medical records (EMRs) and other applications. In addition, “PhoneFactor allows clinicians the flexibility to use their existing phones to authenticate to their systems,” according to the press release.

Authorized physicians can receive an automated phone call or text message from PhoneFactor when logging onto the hospital’s system.  Physicians press # or reply to the text message to authenticate themselves. “This simple process provides the multi-factor security required by many regulatory agencies, including HIPAA and state pharmacy boards, yet is extremely easy to setup, manage, and use,” according to the press release.

The HIPAA Privacy Rule includes the first nationally-recognized regulations for the use/disclosure of an individual's health information.

“For our customers, improved clinician satisfaction and productivity result in better patient care,” said Ed Gaudet, Imprivata chief marketing officer, in the press release. “The joint Imprivata/PhoneFactor solution delivers an excellent method of strong authentication for physicians and nurses who are already accustomed to carrying their phones and need both on-premise and remote access to patient records.”

“Patients place a tremendous amount of trust in their healthcare providers and that includes an expectation that practitioners will safeguard their privacy,” said Tim Sutton, PhoneFactor CEO, in the press release. “The joint PhoneFactor/Imprivata solution helps healthcare providers meet that expectation by ensuring that only authorized users have access to systems containing patient records. This is critical for regulatory compliance, but perhaps more importantly, is essential to maintaining patient trust.”

Deborah DiSesa Hirsch is an award-winning health and technology writer who has worked for newspapers, magazines and IBM in her 20-year career. To read more of her articles, please visit her columnist page.

Edited by Jennifer Russell