Future-proof identification
At Øya in Trondheim lies one of northern Europe’s most modern university hospitals, St. Olav’s Hospital. With a future-proof ID solution delivered by Buypass, hospital employees get faster, more secure, and more flexible access to information. The solution is focused on cost, but is ready for further functionality in the future.
Helse-Norge has great ambitions to simplify and streamline work processes without compromising strict security requirements. Few areas demand greater security and authentication than access to data that tracks a patient’s pathway. Within this project, digital ID, digital signatures and message exchange are the important areas of focus. Buypass is one of the health sector’s key partners for handling security related to electronic access and the exchange of patient-sensitive data in the health network and to NAV. One of Norway’s largest health authorities, St. Olav’s Hospital, has implemented solutions through a framework agreement with Buypass. By using Buypass Smart Card with Digital ID, the security and flexibility of access to systems with sensitive personal information and access to secured areas is enhanced.
Requirements
A Buypass smart card can be used primarily as identification at two unique levels. A local certificate is issued by the company itself for local use within a limited environment or scope, while a qualified certificate issued by Buypass has general validity. Within the health sector, qualified certificates give an opportunity to store and exchange sensitive personal information electronically between healthcare professionals in hospitals and other healthcare actors, such as NAV.
The business achieves huge gains by handling local certificates themselves, with issuance of qualified certificates handled by Buypass. For St. Olav’s Hospital, it was possible to distinguish between these two certificates, reducing operating costs while increasing the flexibility that was the basis for the collaboration with Buypass.
“The hospital’s original solution issued qualified certificates to all employees who logged on to PCs, regardless of the application and at a very high cost. There was an expectation that new systems, applications and services for the public sector and health sector would require qualified certificates on employee cards. When these systems didn’t materialise, St Olav’s Hospital ended up paying for expensive certificates that weren’t needed by employees. The solution came via Buypass, which gave the hospital the opportunity to equip its employees with local certificates, while providing qualified certificates as needed”, says Trond Grimstad, Head of ICT at St. Olav’s Hospital.
The solution
Employees at St. Olav’s Hospital are now equipped with a Buypass Smart Card with Digital ID. The cards are loaded with local certificates and possibly qualified certificates depending on the employee’s function and requirements. This enables employees to identify themselves for secure access to relevant IT systems. To log in to a workstation, the user places the smart card into the reader and enters their PIN code. To lock or log out of the workstation, they simply remove the smart card. Simpler and more secure access to information contributes to more efficient workplace processes.
“A user can, for example, leave a workstation in the middle of a work session by removing the smart card from the terminal. When the user puts the card in a new terminal, they immediately have access to the same work session, which resumes seamlessly from where it was interrupted”, explains Grimstad.
The cards are also used as physical access cards, in cooperation with the hospital's access system, as well as for the collection of clothes and the use of vacuum tubes. When employees are to retrieve new work clothes, they use the Smart Card's RFID (Radio Frequency Identification) chip to identify themselves at the reader in the laundry. Using a small radio button attached to the workwear and antennas attached to the shelves in the closet, the number of items, type and sizes available are known, as well as who takes the garments. Laundry bins equipped with antennas detect all clothing that is supplied for washing, and new clothing is automatically ordered from the laundry when needed. This innovative solution is expected to save the hospital several million kroner in annual expenses. The Buypass Smart Card is also an important element in St. Olav’s Hospital's advanced vacuum pipe facility. A total of 160 pipeline stations connect all wards with the laboratory, blood bank and pharmacy, and give the hospital a very efficient internal transport system for samples and medication. Dispatch of shipments occurs when identified via smart card, and the system automatically logs all activity.
Although the cards are initially equipped with local certificates, St Olav’s Hospital can at any time supplement the cards with a generally qualified certificate if required. In this way, they can fully utilise the Buypass solution through the secure exchange of records and reports related to hospital patients.
Buypass have developed and supplied the Buypass LRA (Local Registration Authority) software, which allows the business to issue and manage smart cards and certificates, both from local certificate issuers (CA) and Buypass certificate providers (CA). The program controls the registration through necessary controls and procedures, and includes support and control of a variety of features:
- Issuance of local and/or general digital credentials
- Issuance of replacement cards and temporary cards
- Renewal of cards and credentials
- Change of PIN code
- Refresh the PIN code if it’s blocked
- Troubleshooting
The software gives the ID office at St. Olav’s Hospital a common interface, as well as a comprehensive process for issuing certificates and administering them. The process is also environmentally-friendly, as the credentials are scanned and stored in a secure file area, and processed without the use of paper.
The future perspective
Positive changes are underway in the Norwegian healthcare system. The Norwegian Directorate of Health launched a major program in 2008 to improve the electronic exchange of information in Norway. The Nasjonalt meldingsløft program aims to shift a variety of communication systems in the healthcare sector from paper to digital. For this to happen, all players must have systems for the secure exchange of sensitive data and connect them to each other. With the Buypass solution, St. Olav’s Hospital is ready to use the solution as soon as the rest of the systems are in place.
"The authorities must facilitate the establishment of systems based on common standards and common infrastructure. Now that we have established this solution, we can quickly adopt systems that require the use of qualified certificates. We see a great need to coordinate what services and solutions we use within the health sector. The fact that Ahus also entered into a similar solution with Buypass is security for us, and reassuring when considering the future utilisation of systems. Now we have the flexibility we need, and we don’t pay anything for qualified certificates until we need them”, says Trond Grimstad.
The Buypass solution has been an important element in order to realize a high level of security combined with the necessary user-friendliness for employees of St. Olav’s Hospital.