The software also provides tighter access controls and enables better tracking of who accesses patient data and when. This helps Continuum comply with HIPAA, as well as with sections of the FDA's Code of Federal Regulations Part 11, which is designed to ensure that electronic records and signatures are trustworthy and compatible with FDA procedures, Lobenstein says.

Continuum evaluated other ID management products, but since the company already relied on Novell for directory and messaging services, the vendor's identity management system seemed "a natural choice," Lobenstein says. He estimates that the total cost to implement the system will be about $1 million.

With the tool, employees can now access e-mail, medical records databases, purchasing and personnel systems in 10 seconds or less with a single ID and password. Without the software, it can take up to five minutes for people to gain access to the systems they need to perform daily tasks.

Lobenstein says Continuum expects to reap other benefits, such as improving its process of granting access rights to as many as 400 different software programs, once the company links the identity management software with other data sources, including an HR directory and a nursing management system.

Personnel data from those sources will be fed into Identity Manager, which will be used for providing and taking away access rights, Lobenstein says: "It will reduce the time it takes to get an account set up from two or three weeks to an hour or so." It will take an hour or less to close an account when an employee leaves, instead of as long as one month, because the current process relies heavily on paper reports and manual processing.

The tool will help with the annual arrival of several hundred resident physicians. Each receives credentials before using the hospital systems. In the past, about a dozen workers manually collected and entered data to authorize access.

Now, Continuum downloads information about the physicians from a directory of the Association of American Medical Colleges into Identity Manager. In addition to time savings, the process helps Continuum avoid data entry errors by allowing direct electronic feeds among systems.

The biggest challenge with the technology? The up-front task of ensuring there is a single identity for each person, Lobenstein says. "We have literally hundreds of systems and have information about people scattered throughout those systems," he says. "There are a number of instances where data is not readily matched. There's no easy way to know that Ken Lobenstein in one system is the same person as Kenneth Lobenstein in another. You have to sort through pieces of information to determine that."

He says Continuum made a significant investment of time in the initial loading of identities from multiple sources, and then verifying that matching algorithms linked records from those multiple sources correctly.

Lobenstein, who did not provide metrics on Continuum's security improvements, says: "Security has three components: availability, integrity and confidentiality. The identity management program will support all three. By using identity management to provision new accounts quickly, we ensure systems are more readily available as members of the workforce are added."