Single sign on (SSO) solutions in healthcare

Based on my recent discussions with numerous CIOs, they each mention that SSO is something that’s on their radar screens as an important or high priority requirement. Given that most users deal with multiple IT systems during the day and they’re getting tired of re-authenticating themselves for each system, it’s understandable.

While the commercial vendors already tout their own (pretty good in some cases) solutions I thought I’d bring some of you up to speed on one open source solution that you may not be aware of: the Central Authentication System (CAS). CAS is an authentication system originally created by Yale University that allows applications written in Java, .Net, PHP, Perl (and other languages) to authenticate a user against a central directory or multiple directories.

An important feature of CAS is that it’s an open protocol with a solid set of implementations in multiple languages. This means that you can write your own implementation and continue to use the CAS protocol/standard across your various products. And, since it’s open source, you can have your vendors use it without buying per user or application licenses. It’s already in active use in decent size campuses so you don’t have to worry about being an early adopter.

Have your folks check out CAS, it’s something I’ve analyzed personally and it’s a great option for many organizations looking for a reduced or sign sign on solution.

Newsletter Sign Up

8 thoughts on “Single sign on (SSO) solutions in healthcare

  1. Pingback: Abstraction

  2. Certainly seems like a viable option for some situations. Adding SAML support (it currently doesn’t seem to have it) to the system will open it up for federation scenarios aside from providing interoperability with systems which implement this industry standard.

  3. Arif, good point. If you do a search for “CAS SAML” on Google there are some references to SAML for CAS. By the way, you mentioned CAS was viable for some situations, which indicates there are situations for which it is not viable. Can you elaborate on what those might be? My experience with CAS has been favorable; I know you’ve done some SSO work for your clients and I was wondering what you’ve used in the past.

  4. I am the CIO at Enloe Medical Center and we will be implementing Single Sign-on this year. I am looking for a consultant that has implemented Single Sign-on to help run the project. Do you have any names of organizations that I could call that would be interested in taking on this project.

  5. I am the CIO at Enloe Medical Center in Chico, Ca. We are in the process of moving forward with a Single Sign-On solution. I am looking for a consulting organization that would be interested in providing a quote for implementing Single Sign-On. Do you have names of organizations that I could contact?


    Jim Hauenstein
    Enloe Medical Center
    Chico California 95926
    Office # 530-332-7463

Add Comment