CASE STUDYCatholic Healthcare West Reduces Costswith Standardized Identity ManagementStandards-based Linux-hosted directory services displaces Micros<strong>of</strong>t Active DirectoryWith more than 40 locations, Catholic Healthcare West was managing user identitiesacross hundreds <strong>of</strong> applications running on multiple platforms. A streamlinedidentity management solution running on Linux has increased security and improvedregulatory <strong>com</strong>pliance, while dramatically reducing costs.OverviewCatholic Healthcare West (CHW),headquartered in San Francisco, isthe eighth largest hospital <strong>sys</strong>tem inthe nation and, with more than 9,500 beds,the largest not-for-pr<strong>of</strong>it hospital providerin California. The CHW network <strong>of</strong> morethan 7,500 physicians and approximately40,000 employees provides quality healthcareservices for more than four millionpatient visits annually.ChallengeAs with many healthcare organizations,many <strong>of</strong> Catholic Healthcare West’s facilitieshad locally developed information <strong>sys</strong>temsand s<strong>of</strong>tware. As a result, it was managingdisparate <strong>sys</strong>tems and platforms across40 hospitals and medical centers. Eachlocation also had its own way <strong>of</strong> managingnetwork access and user identities fornearly 1,400 applications.To streamline IT operations, CHWwanted to move away from proprietaryplatforms and create a standardized, openenvironment. The organization also wantedto create a standard approach to identityand access management that would increasesecurity and meet regulatory requirements,while still giving physicians and stafffast access to applications.SolutionAfter thorough research, including talking tomany customers who had implemented identitymanagement across a large enterprise,Catholic Healthcare West selected a Novellidentity and access management solution torun on SUSE Linux Enterprise Server.“A solution based on open standardsfits our model <strong>of</strong> doing business,” saidEric Leader, chief technology architectfor Catholic Healthcare West. “Healthcareprocedures are not proprietary, and information<strong>con</strong>cerning how best to meet theneeds <strong>of</strong> our patients is freely shared amongcaregivers. Because we work in an open<strong>com</strong>munity, it makes sense for us to have anopen environment.”CHW <strong>con</strong>solidated all <strong>of</strong> its directoriesand migrated its Windows NT domains toNovell eDirectory to manage 20,000 useridentities. Novell Identity Manager synchronizesuser identity information acrossapplications running on multiple platformsincluding Micros<strong>of</strong>t Windows, Linux, andmultiple versions <strong>of</strong> Unix.“Many <strong>of</strong> our applications require Micros<strong>of</strong>tActive Directory, but we were un<strong>com</strong>fortablestandardizing on a proprietary platform,”Leader said. “Novell eDirectory supports openstandards and allows us to manage identitiesacross our diverse environment.”With centralized identity management,CHW can provision users three times faster,giving them immediate access to the applicationsthey need. Users even have a singleID and password for many applications thatare integrated with eDirectory. CHW willalso be using Novell SecureLogin to giveusers single sign-on access to applicationsthat are not LDAP-enabled.Centralized identity management hasgreatly improved the organization’s overallsecurity and ability to <strong>com</strong>ply with HIPAA,Sarbanes-Oxley, and other regulatoryrequirements. Using Novell Audit, CHWcan <strong>con</strong>duct timely audits to track who isaccessing information and when. The ITstaff can also immediately revoke networkaccess when employees leave the organization.“We operate in a highly regulatedenvironment where the requirements arealways changing,” Leader said. “We simplyhad to <strong>con</strong>solidate identity managementor we would see a huge increase in timespent managing regulatory issues. Theidentity and access management solutionprovided by Novell helps us stay ahead <strong>of</strong>the curve.”CHW runs its Novell identity managementsolution on 30 SUSE Linux Enterprise Serversand HP hardware, and also runs several mission-critical<strong>sys</strong>tems on Linux, including Oracledatabases, s<strong>of</strong>tware distribution, claimsmanagement, and digital image <strong>archive</strong>s.APRIL 2006 28 www.<strong>LinuxWorld</strong>.<strong>com</strong>
CASE STUDY“Micros<strong>of</strong>t licensing became too burdensome,so we looked for lower-cost alternativesand found that many <strong>of</strong> our large vendorswere providing support for Linux andopen source,” Leader said. “As we purchasenew s<strong>of</strong>tware, we look for vendors who runon Linux. Eventually, we would like to runour entire organization on Linux.”A solid disaster recovery strategy is alsoan integral part <strong>of</strong> HIPAA <strong>com</strong>pliance.With SUSE Linux Enterprise Server, CHWis implementing redundant <strong>sys</strong>tems fasterand at a lower cost than with proprietaryplatforms.“The flexibility we have with SUSE Linuxhas exceeded our expectations,” Leadersaid. “There is no way we could keep upwith rapid change if we <strong>con</strong>tinued to manageproprietary platforms. We now have acost-effective way to remain <strong>com</strong>pliant andmaintain high availability.”ResultsWith a Novell identity and access managementsolution, Catholic Healthcare Westcentralized identity management across itsdiverse enterprise and reduced initial useradministration time by 70%. The organizationhas increased security with role-basedaccess, auditing capabilities, and streamlinedprovisioning and deprovisioning toimmediately grant or revoke access.“Before implementing the Novell solution,we provisioned users in a hundred differentways,” Leader said. “We didn’t think we couldstreamline this process without substantiallyincreasing our staff. With the Novell solution,we have a high-quality, yet cost-effectivesolution that actually frees up much <strong>of</strong> ourstaff to work on other projects.”Running SUSE Linux Enterprise serverhas improved performance for several mission-critical<strong>sys</strong>tems, while significantly reducinghardware costs and reducing serveradministration time by 25%. The organizationanticipates an estimated cost savings <strong>of</strong>$1.5 million.“Novell’s support for Linux has beenexcellent,” Leader said. “We’ve now movedLinux from a hypothetical idea to a missioncriticalplatform in our organization.”LINUXWORLD MAGAZINE WWW.LINUXWORLD.COM“We operate in a highly regulatedenvironment where the requirementsare always changing. We simply hadto <strong>con</strong>solidate identity managementor we would see a huge increase intime spent managing regulatory issues.The identity and access managementsolution provided by Novellhelps us stay ahead <strong>of</strong> the curve.”“Novell’s support for Linux has beenexcellent. We’ve now moved Linuxfrom a hypothetical idea to a mission-criticalplatform in our organization.”— Eric LeaderChief Technology ArchitectCatholic Healthcare Westwww.<strong>LinuxWorld</strong>.<strong>com</strong>29APRIL 2006