Healthcare Information Security

Latest Health Data Breaches News

Healthcare Identity, Access Management Center of Imprivata Deal

In a move to further advance healthcare identity and access management, Imprivata acquired a portion of Caradigm’s business.

healthcare identity access management impacted by imprivata deal

Source: Thinkstock

By Elizabeth Snell

- Imprivata recently acquired the Identity and Access Management Business of Caradigm, according to a press release. The move should help healthcare identity and access management specifically, with a focus on reducing security risks and operational IT cost for hospitals and Integrated Delivery Networks (IDNs).

“This acquisition will serve as a catalyst in expanding our market reach and our authentication and access management portfolio and allow us to expand our relationship with GE Healthcare,” Imprivata President and CEO Gus Malezis said in a statement.

Caradigm currently provides numerous healthcare identity access and management options, including Governance, Risk Management and Compliance, and Clinical and IT Efficiency solutions (i.e. single sign-on and multi-factor authentication).

“We view Imprivata’s acquisition of the Identity and Access Management business as a very positive transition – making both companies stronger. Caradigm will continue with its intense focus on population health management and predictive analytics,” said Caradigm President and CEO Neal Singh.

Identity and access management can be a critical tool for healthcare, especially as the industry works to improve cybersecurity measures. User authentication is quickly becoming a key focus area, with entities needing to ensure that staff members can securely sign into networks to access sensitive data.

OCR noted the need for strong healthcare authentication measures in its November 2016 cybersecurity newsletter, saying that organizations may utilize “login passwords or passphrases to access information on public or private networks, internet portals, computers, medical devices, servers, and software applications.”

“The Person or Entity Authentication standard of the HIPAA Security Rule requires that covered entities and business associates implement reasonable and appropriate authentication procedures to verify that a person or entity seeking access to electronic protected health information (ePHI) is the one claimed,” OCR said.

Covered entities need access to tools that are specifically designed for healthcare and its unique security needs. From there, it will be easier to implement necessary identity and access management processes and policies. 


SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
Data Breaches

Our privacy policy

no, thanks

Continue to site...