HIMSA SSO Features and Benefits
Identity and Authentication
With Noah ES, HIMSA has implemented an Identity Service that uses IT industry standards and best practices to ensure that the Hearing Care Professional (HCP) is, for example, Brian Jones, who uses the email address bjones@email.com. Once authenticated, Brian can make use of the Noah ES features. At this point, Brian's HIMSA Identity is available for other approved applications to make use of.
Q: Is the business that Brian works for required to subscribe to and use Noah ES to make use of HIMSA SSO?
A: No. HIMSA is working towards reusing the work completed for Noah ES and making it available as a separate product called “HIMSA SSO” which will be provided to Hearing Care Businesses (HCB) at no charge.
Easy Identification
During the day, Brian may need to use a website application provided by manufacturer A. Manufacturer A is a HIMSA member company and is a trusted integrator with the HIMSA SSO. In this example, Brian is wishing to make use of an order system.
When Brian arrives at the website, he will have the ability to gain access to protected functionality without needing to enter a username and password.
Q: Does the HIMSA SSO user Identity at all influence what Brian can do in the system (e.g., how much product can he order)? Does HIMSA control the feature offerings in any way?
A: Not at all, HIMSA SSO proves that Brian is bjones@email.com, but the manufacturer's application decides the functionality and level of access.
Seamless Movement Between Different Systems and Companies
Brian's company also works with Manufacturer B which provides a web-based system for remote fitting/care. Even though the systems are completely separate, Brian does not need to log in again but can rather use his HIMSA SSO Identity to gain access to the remote care functionality.
Q: Will the HIMSA SSO make it easier for a manufacturer to create different applications such as order systems or remote care solutions?
A: Not directly. Although it is entirely feasible to solely rely on HIMSA SSO HIMSA assumes that most manufacturers will still wish to provide individual identity systems and offer HIMSA's as a very nice option. This also means that any existing authentication systems put into place can continue to exist alongside with HIMSA SSO.
For Brian, the HIMSA SSO can provide a better overall user experience, for example:
Brian does not need to enter his password each time he visits another system; he does not need a separate password for each system.
If Brian forgets his password, he will work with his HIMSA SSO account administrator or potentially HIMSA to get logged back in.
Q: Since Brian can log into systems provided by manufacturers A and B does this mean that, for example, manufacturer A can gather some data or insight into the activity related to manufacturer B?
A: No, this is not possible.
Directory Features
HIMSA SSO will provide for the storage of basic information about the business, such as location name, address, and other contact information.
User types, such as Business Decision Makers (i.e., can sign agreements with HIMSA) and Administrators, are also defined.
Manufacturers Benefit
Location and User Information is available to manufacturer applications to assist in onboarding a business as easily as possible. Manufacturers will also be able to determine when HIMSA SSO accounts have been disabled, signaling that the individual is most likely no longer employed. The manufacturer may take any action within their applications if they wish.
Advanced Systems
Hospitals, large chains/groups, businesses with special security needs, or advanced setups (e.g., use of a physical PIV card) have already had most of their software systems set up to use products such as Microsoft Active Directory or Azure Active Directory.
These businesses really dislike using separate identity systems as each separate system represents a level of complexity for the administration of their business. These businesses will most likely not accept to abandon their chosen solution for HIMSA products as well as other online-based systems.
To accommodate this situation, HIMSA SSO is implemented and ready to integrate with other approved systems so that HIMSA can still deliver a high-quality identity for uses with Noah ES and associated applications.
Manufacturers Benefit
This type of integration will be taken care of by HIMSA SSO so that manufacturers do not need to worry about them. As far as the manufacturer is concerned, it is just working with the HIMSA Identity Service. For example, if Brian's company has decided to use Azure Active Directory, this change will have no impact on manufacturer-created applications.
Future Proofing
Identity and authentication for software applications is a fast-changing field that will likely change quickly during the next few years. For example, the next large change is assumed to come with moving away from using passwords and replacing them with authentication Apps and easy-to-use hardware devices. Microsoft and other companies are working very hard on addressing this topic. Rather than forcing users to deal with the ever-increasing number of password changes and complexity, other methods are sure to become the standard in the future.
Manufacturers and HIMSA's Benefit
As this field changes, HIMSA SSO will be able to make adjustments to the Identity Management Systems to make use of new standards without causing a direct impact on the development of Noah ES or applications that integrate with Noah ES or the Identity Services.
In other words, HIMSA can perform the work once, and all companies may then enjoy the benefit of this work.