Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 8 Next »

How it Works

A brief high-level summary of the features and selling points for the HIMSA Identity Service is provided below.


Authentication

With Noah ES, HIMSA has implemented a HIMSA Identity Service that makes use of IT industry standards and best practices to ensure that the Hearing Care Professional (HCP) is in fact, for example, Brian Jones (bjones@email.com).  Once authenticated Brian is able to make use of the Noah ES features.  At this point, Brian's HIMSA Identity is available for other approved applications to make use of.

Q: Does the business that Brian works for need to subscribe to and use Noah ES in order to make use of the Identity Service?

A: As implemented today yes, but HIMSA can easily make smaller adjustments so that it is possible for the Identity Services to be available without requiring that Noah ES be purchased.  HIMSA has assumed that it offering this service at no charge to the HCB would be beneficial to the hearing health care industry as a whole and also provide for some helpful sales exposure for also using Noah ES.


Easy Identification

During the day Brian may have need to make use of a website application provided by manufacturer A.  Manufacturer A is a HIMSA member company and is a trusted integrator with the HIMSA Identity Service.  In this example, Brian is wishing to make use of an order system.

When Brian arrives at the website he will have the ability to gain access to protected functionality without needing to enter in a user name and password.

Q: Does the HIMSA Identity at all influence what Brian can do in the system (e.g. how much product can he order)?  Are the feature offerings controlled by HIMSA in any way?

A: Not at all, the HIMSA identity proves that Brian is bjones@email.com but the manufacturer's application decides the functionality and level of access.

Seamless Movement Between Different Systems and Companies

Brian's company also works with Manufacturer B which provides a web-based system for remote fitting/care.  Even though the systems are completely separate Brian does not need to log in again but can rather use his HIMSA Identity to gain access to the remote care functionality.

Q: Will the HIMSA Identity service make it easier for a manufacturer to create different applications such as order systems or remote care solutions?

A: Not directly. Although it is entirely feasible to solely rely on the HIMSA Identity service   HIMSA assumes that most manufacturers will still wish to provide individual identity systems and offer HIMSA's as a very nice option. This also means that any existing authentication systems put into place can continue to exist alongside with provided support for using a common HIMSA Identity.

For Brian, the HIMSA Identity Service can provide for a better overall user experience, for example:

  • Brian does not need to enter his password each time he visits another system, he does not need a separate password for each system.

  • If Brian forgets his password he will work with his Noah ES administrator or potentially HIMSA to get logged back in.

Q: Since Brian has the ability to log into systems provided by manufacturers A and B does this mean that, for example, manufacturer A can gather some data or insight into the activity related to manufacturer B?

A: No, this is not possible.

Directory Features

The identity service will provide for the storage of basic information about the business such as location name, address, and other contact information. It will also be possible for different employees to be recorded and assigned to different office locations.

User types, such as Business Decision Makers (i.e. can sign agreements with HIMSA)  and Administrators are also defined.

Manufacturers Benefit 

Location and User Information is available to manufacture applications to assist in on-boarding a business as easily as possible.  Manufacturers will also be able to determine when HIMSA Identity accounts have been disabled, signaling that the individual is most likely no longer employed, the manufacturer make take any action within their applications if they wish.


Advanced Systems

Hospitals, large chains/groups, businesses with special security needs, or advanced setups (e.g. use of a physical PIV card) have already had most of their software systems setup to use products such as Microsoft Active Directory or Azure Active Directory.

These businesses really dislike using separate identity systems as each separate system represents a level of complexity for the administration of their business.  These businesses will most likely not accept to abandon their chosen solution for HIMSA products as well as other online-based systems.

To accommodate this situation HIMSA’s Identity service is implemented and ready to integrate with other approved systems so that HIMSA can still deliver a high-quality identity for uses with Noah ES and associated applications.

Manufacturers Benefit 

This type of integration will be taken care of so that manufacturers do not need to worry about them.  As far as a manufacturer is concerned it is just working with the HIMSA Identity Service.   For example, if Brian's company has decided to use Azure Active Directory this change will not no impact on manufacturer-created applications.

Future Proofing

Identity and authentication for software application is a fast-changing field and will most likely change quickly during the next few years.  For example, the next large change is assumed to come with moving away from the use of passwords and replacing them with authentication App and easy to use hardware devices.  Microsoft and other companies are working very hard on addressing this topic.  Rather than forcing users to deal with the ever-increasing number of password changes and complexity other methods are sure to become the standard in the future.

Manufacturers and HIMSA's Benefit 

As this field changes HIMSA will be able to make adjustments to the Identity Management Systems to make sue of new standards, without causing a direct impact on the development of Noah ES or applications that integrate with Noah ES or the Identity Services.

In other words, HIMSA can perform the work once and all companies may then enjoy the benefit of this work.




Project Update

The HIMSA IAM Committee, well represented for all of HIMSA's partner companies, has made a very good process since the initial project kick-off meeting in February 2019.  The currently understood project work is almost done, below is a list of highlights:

  • A completed set of user stories that the committee members are pleased with.  The user stories cover uses cases from both the perspective of the manufacturer developing applications as well as uses cases representing how Hearing Care Professionals (HCB) will make use of and enjoy the identity features.   The last meeting took place at the end of June 2019

  • HIMSA is currently creating a sample application and test environment that enables the committee members and HIMSA product management to further model and test the user stories.  We may find that some minor adjustments to the user stories are needed.





  • No labels