From Three Days to Three Minutes: Accelerating New User Onboarding at a Major US Municipal Hospital System
Services: Advisory, Managed Services
Solution: SailPoint IdentityIQ
Our client's manual user onboarding process took a minimum of three days per new user
One of the largest municipal healthcare systems in the country was struggling to keep pace with a high volume of user onboarding.
When MajorKey first began working with the client, their onboarding process was fully manual within Oracle. The initial provisioning request was created as a ticket in Remedy and access rights were logged via spreadsheets. With each new user taking at least three days to be created, not only was this inefficient - the lack of visibility into user access was a security risk.
The Business Impact
The manual process was inefficient and created security risks due to a lack user access right visibility
As an extensive hospital system serving with more than 50,000 identities being managed, the high volume of user onboarding was quickly becoming overwhelming. The organization utilized Remedy as a way to track new user requests, but each request had a different process and individual sign-offs depending on the department.
This resulted in each new user taking at least three days to onboard. Such a delay is unacceptable in any industry - let alone healthcare where time is of the essence.
Furthermore, they were using spreadsheets to track user access rights. Needless to say, this posed a security risk as there wasn't full transparency into who had access to what resources. And when it came to users leaving the organization, it increased the likelihood of accidentally maintaining access rights after termination.
Over a course of several years, MajorKey worked with the client to reduce new user onboarding from three days to three minutes and fully automated the user offboarding process
The process of moving the hospital system from manual oboarding to an automated process was a multi-year project with several stages.
- 2015 - SailPoint IdentityIQ implementation
While the onboarding process was still almost entirely manual, this first step allowed the organization to track user access. At this stage the organization was able to bulk import new user data one time per day from their HR platform. While slow, it was better than manually proivisioning one user at a time.
- 2019 - Partial automation of new user onboarding
In this next phase, the organization was able to push new user data into SailPoint up to seven times a day. A significant improvement over once per day, it was still too slow. Also during this stage, MajorKey implemented single sign-on across the organization along with the ability to perform certification and user access review campaigns.
- 2020 - New user onboarding reaches 15,000 identities in three months due to COVID-19
The organization, like many in the healthcare space, was heavily impacted by the pandemic. They had to rapidly scale up operations to meet patient demands. Thankfully, the automated onboarding system was in place and was able to successfully meet the unexpected demands of the pandemic.
- 2022 - Onboarding reaches 22,000 identities a year; Automated offboarding also in place
Not only is new user onboarding now fully automated, the organization is the capability to offboard an additional 36,000 identities in a year. This helps mitigate the risk of lingering user access rights following termination.
The MajorKey Approach
Our unique approach gave our client the confidence they needed.
Our approach is encompassed by the following values:
- Process-focused, not tool-focused. We are a vendor-agnostic provider. In other words, when working with clients we focus on business processes and outcomes rather than pushing a specific tool.
- Structured project management. We rarely miss deadlines and always stay under budget.
- Organizational change management. We dedicate significant time to helping the organization work through new policies and procedures associated with a migration. This includes end user training by roles and responsibilities, assistance with sponsorship adoption and roll out procedures, communication templates for deployment, and more.
- Agile development style. Our developers seek client feedback early and often throughout the life of a project to ensure client satisfaction after deployment.
- User acceptance training. We have a highly structured, clearly defined process for making sure the tool is driving value for the business users. This reduces post-live issues and encourages tool utilization after deployment.
- Post-live and managed services. We provide 24x7 on-call support for the most critical issues that may arise following a deployment.