Kindred Healthcare needed a solution that could simplify the management of 60,000 employees, 8,000 Windows desktops and more than 1,200 Windows servers. NetIQ Directory and Resource Administrator provides an automated, easy-to-use solution that helps reduce administrative costs while providing granular control and reporting to meet audit standards and comply with HIPAA regulations.
“It would be very difficult to live without Directory Resource Administrator.”Kelley EalySecurity Analyst, Kindred Healthcare
About Kindred Healthcare
Kindred Healthcare provides healthcare in more than 40 states through 60 skilled-nursing centers; more than 60 long-term, acute-care hospitals; and 30 pharmacies. The company has grown to rank among the top five long-term healthcare providers in North America.
Kindred Healthcare is one of the nation’s most respected healthcare providers. Through its subsidiaries, Kindred operates multiple healthcare-related businesses across the United States, including hospitals, nursing centers, institutional pharmacies and a contract rehabilitation-services business. Kindred Healthcare matches its impressive growth with its commitment to strictly comply with internal audit standards, which meet or exceed the Health Insurance Portability and Accountability Act (HIPAA) regulations. Directory and Resource Administrator serves as Kindred’s primary administrative and security support tool for assuring compliance with these internal audit standards, and therefore with HIPAA regulations that govern patient-information privacy and confidentiality. The solution helps Kindred ensure separation of duties and proper information access and security for 20,000 users in its health system.
According to Kelley Ealy, a security analyst with Kindred Healthcare, the security and privacy of patient information is Kindred’s top priority for its IT operations. “We have very strong internal audit and security standards,” she emphasized, “so we are a bit ahead of the game when it comes to complying with HIPAA regulations.”
Over the last four years, Kindred has been consolidating and centralizing the IT operations that serve nearly 30 departments and 800 facilities across the country. As part of its consolidation effort, Kindred’s IT group chose to build an in-house provisioning application and combine it with the administrative and security capabilities of Directory and Resource Administrator. The goal was to establish a formal access-request and approval-tracking process, streamline administrative functions across applications and improve accountability for changes.
In addition, Directory and Resource Administrator would reduce the organization’s high number of domain administrators and limit the number of information systems (IS) developers and customer support staff with access to critical production data.
“Directory and Resource Administrator allows us to segregate and separate duties to effectively control access and to provide an audit trail of changes in a centralized repository automatically,” Ealy explained. Kindred’s in-house provisioning system controls the process for requesting and setting up new user accounts and integrates directly with Directory and Resource Administrator. Kindred integrated Directory and Resource Administrator with its in-house system in less than a month. The security team can now assign a user account according to the user’s appropriate group and assign access privileges to specific applications. Only the security team has the ability to add individuals to groups and control exceptions.
Kindred’s security team uses Active View Management in Directory and Resource Administrator as a central location for simplifying user-role administration. “With Directory and Resource Administrator, we can automatically enforce separation of duties, track requests and approvals, provide auditing capability and minimize excess access by IS personnel that may not be necessary,” Ealy pointed out. The solution also lets the security team review and track changes as they occur.
Directory and Resource Administrator has enabled Kindred’s IT department to reduce its domain administrators by a factor of 10. The solution also gives Kindred highly granular yet automated control of user privileges, eliminates manual procedures and saves time, allowing administrative staff to concentrate their efforts on more productive tasks.
“The role-based security management we get with Directory and Resource Administrator allows us to satisfy our internal and external audit requirements for knowing who gets what kind of access to specific information,” Ealy said. “It would be very difficult to live without Directory and Resource Administrator,” she concluded, “since it gives us the ability to ensure separation of duties, automate many manual processes and help us meet new HIPAA regulations—all necessary to ensure the appropriate privacy and confidentiality of our patient information.”
United StatesNorth America
- Reduced the organization’s high number of domain administrators by a factor of 10
- Automated enforcement of separation of duties, track requests and approvals
Welcome, Want to talk to someone? Call our Sales team or request a call and we'll get right back to you.
- Sales: (888) 323-6768
For support information, please visit Technical Support.
Press & Analyst Relations
Phone: (713) 418-5368