It’s safe to say that Sentillion’s applications are the security tools that even users love. The company is unusual in that its technically polished infrastructure applications were designed exclusively with healthcare in mind, meaning all that sophistication is hidden from the end user. All they know is that Sentillion’s products make it easier to log on to multiple applications, to work efficiently across best-of-breed applications, and flawlessly run feature-rich applications remotely just like they were within the four walls. We spoke to CEO and Co-Founder Robert Seliger about the benefits healthcare organizations are seeing from their use of Sentillion’s tools.

Let’s start with the elevator speech on Sentillion, please.

Sentillion offers identity and access management solutions that are focused on the healthcare industry. We provide technology that enables healthcare organizations like hospitals to create, manage, and apply electronic identities that their caregivers use to access their clinical, business, and personal productivity applications.

In today’s electronic world, we have identifiers and credentials that prove who we are. How do you assign those identifiers, particularly in a corporate or professional environment? How do you distribute them to the right people? How do ensure that those people apply their identities to access systems in a way that’s appropriate to their job and the tasks they need to perform? We offer four products that can be used separately, but also play very well together to create a larger totality of the solution.

The first product is called proVision™. It solves the aspect of identity and access management known as provisioning, which involves the tasks and policies around questions like, “How do I give somebody an electronic identity?” “How do I ensure that identity is appropriate for their role?” “How do I set up the underlying application accounts so people can do their jobs in an enterprise directory, an e-mail system, an order entry system, a PACS system, and a results reporting system?” And, most importantly, “how can I automate this so it’s not a manual undertaking?”
 
proVision also enables managing the full life cycle of these identities. If somebody’s role in the organization changes, such as when a nurse becomes a nurse practitioner or a medical student is hired as a physician, how do you change what they can do electronically? Our system allows people to manage that. Perhaps most importantly, proVision enables organizations to deal with the suspension or disabling of accounts, such as when someone leaves to work for a competitor, retires, or is a student who no longer works there. proVision enables total life cycle control of how identities are assigned and allocated.

expreSSO™ picks up on the idea that, if people already have those identities, then they need to do things like log on to their systems. The myriad of systems in healthcare were designed to be managed and maintained separately, so users get different identities and credentials even though they’re one human being. Electronically, they’re multiple personalities. Because of that, the fundamental task of signing on becomes torturous in a healthcare environment. You have a dozen or more systems with different IDs and passwords on each that you access 50 or 100 times a day. You’ve got to keep track of all those passwords. expreSSO is a single sign-on system, but optimized for use in the health care environment. For example, it enables people to sign on and off extremely quickly at workstations that are in shared areas, like at a patient’s bedside or at a nursing station.

Vergence® picks up where expreSSO leaves off by taking the idea of single sign-on and surrounding it with a whole bunch of other very important capabilities to create a complete clinical workstation environment for caregivers, whether they’re in their offices or in care areas. It adds what we call context management. Context management enables caregivers to easily access patient information across multiple applications without having to repeatedly search for a patient, encounter, or study result. Using Vergence, if a physician reviews a patient’s record in the hospital’s main information system and then needs to evaluate images from the patient’s chest CT, the simple click of an icon for a PACS system presents the exact image desired; without Vergence, the physician might have to search through several screens, enter a patient’s name or record number, or scroll through multiple studies searching for the desired result. Vergence’s patented context management solution does this work automatically, allowing caregivers to focus on the patient. For caregivers Vergence saves time; for patients Vergence prevents medical errors due to selecting the wrong patient’s record or reviewing the wrong patient information.

Vergence has a variety of other functions, such as role-based access. When you log on, you are presented with only the applications that make sense for your role. We also provide centralized auditing so we can tell organizations, from a single audit log, who has accessed what patient records, when, where, and from what application. You don’t need to do a massive forensic analysis to discover if there’s been a transgression. Or even if the patient simply says, “I’d like to know who has accessed my medical records?” which is a virtually impossible question to answer without Vergence.

Lastly, we have a product called vThere™, which solves the problem of creating productive, fully functional, but easy to deploy solutions for caregivers who are physically remote from the healthcare enterprise, at home or in their offices. Although physically outside the enterprise, these caregivers want access to applications and systems with the same performance, the same richness of functionality, and ideally, using the same set of credentials they use from within the enterprise.

vThere meets these demands using virtualization technology to enable healthcare organizations to distribute, not physically, but virtually, clinical workstations to remote end-users. They can they use these workstations offsite, but as if they were physically connected to the enterprise network, accessing the native applications in exactly the same way as if they were inside the four walls.

So, you’ve got provisioning to start the whole process with proVision for creating identities; expreSSO and Vergence for creating increasingly rich experiences when using a multitude of applications in care and non-care environments; and then vThere to break down the traditional barrier of being constrained to the richness of functionality with in the four walls and enabling rich functionality to be achieved outside the hospital.

Sentillion was just named the number one single sign-on vendor in all of healthcare for the year by KLAS. What do you think it is that makes Sentillion better than the competitors?

What’s particularly interesting is that KLAS asked specifically about single sign-on. Most of our customers use Sentillion products that do more than that. So, we’re pretty confident that they answered the question without blinders on and from the full experience they’ve had from us, which means we’re dealing with more elaborate and sophisticated problems than vendors with just single sign-on. To me, that makes the fact that we were named #1 even more impressive.

The other thing notable about the KLAS ratings is that 60% of our customers who responded said that we are their best overall IT vendor. Not best single sign-on vendor, but their best overall IT vendor. One hundred percent said that we are key to their long term plans and strategy. What it means is Sentillion is more than a vendor that just takes some kind of technology, lobs it over the wall to the customer, charges them some money, and then walks away with a nice handshake and says, “Good luck, let me know if it all works out.”

For example, with our single sign-on product, we are approaching 350,000 live caregivers. There’s nobody even close to that. With our provisioning product, we’re approaching 150,000 managed identities. Those numbers keep growing. When we work with our customers, our objective is to get them live and keep them live, which also points to our single sign-on product, where we track intensely our uptime. We run five-nines or better uptime for all of our customers in terms of single sign-on. That means less than 45 seconds a month of outage. It’s the total service and commitment that we bring that I think has been the underlying key to the KLAS ratings that we were able to achieve.

A security magazine had a great article on Delano Regional Medical Center, a small, rural hospital that realized it was losing business because community-based physicians didn’t like dealing with multiple sign-ons when working remotely. What can other hospitals learn from them?

We pioneered, at best I can tell, a process that we call an Executive Alignment, or an EA. When a customer has signed on, we don’t just kick off our project and tell the technical team to create a project plan. We get the executive team and all of the project stakeholders together, bringing everybody together for an initial meeting to say, “OK, you went through a sales process, selected Sentillion, and bought the product. Now let’s step back and ask — why did you buy the product?”

It sounds like a strange question to ask a customer, but what we find is that, when you bring everybody together, the perspectives on the business drivers for solving issues around identity and access management are fascinating to hear. They provide a rallying point and executive alignment, a business glue that holds everybody together as to why we’re doing the project, why it’s important, and what outcome they can expect. 

When we talked last, you said, “Vendors think users are afraid of technology, but in fact, users will avoid technology that gets in their way’. Do you think that vendors are hearing that message?

No. It’s a tough message to hear. Maybe your initial idea was solving a workflow problem, but you get distracted. You are at risk of losing sight of the problems you wanted to solve in the first place.

One of our competitors has made a big deal about something called “logical and physical security convergence,” the idea that you physically get into buildings and then to your computer systems. They want to solve all those problems. We looked at that in 2005, but the required assumptions don’t hold for hosiptals. For example, that each person physically enters the premises one at a time. I don’t know about you, but I’ve never seen doctors lining up at a door and swiping their cards to enter into a hospital one at a time. Without knowing who’s in the building, how could you possibly use that in any productive way to control computer access? At the end of the day, the guiding light is that the only reason caregivers will use our technology is that it makes their jobs easier.

Sentillion recently introduced expreSSO, which is a more focused and cost-effective single sign-on application. What’s the market reception been to that product? Are customers finding it easy to choose between expreSSO and Vergence?

We’ve been thrilled with the reaction, not only from the market, but also from industry analysts that cover this space. We had a pair of them a few weeks ago who obviously thought they had seen it all and weren’t expecting to be impressed. When we showed them expreSSO, in particular the tooling that the IT person sees, the only way to describe the look on their face was blown away. It was, “Just when I thought nobody could come up with any better way to solve these problems, you guys just came up with a way.”

There are customers who believe that they only need to solve the single sign-on problem. As I mentioned earlier, Vergence solves a much broader set of problems that includes single sign-on, but can go well beyond that. For those customers who are convinced that they just need stereo rather than surround sound, we now have a stereo system that we sell, too. If you someday discover that you really want surround sound, we’re there to provide that as well.

The single sign-on functionality from the end-user perspective for expreSSO and Vergence are virtually identical. We leapfrogged ourselves, and everyone else, in the tooling, how the IT organization creates the connectors. We used a metaphor like you would see in movie-making software, making it very easy to step through the series of tasks in generating a connector without writing any code. It’s very visual. It allows you to create a series of snapshots — you might think of them as frames in a movie — and arrange these frames to create a complete sequence of events. Those underlying events correspond to how you want to automate the sign-on process; how you want to automate the password reset process; how you want to automate handling events. Also, how you handle the sign-off process.

We’ve been able to take the tooling to a whole new level. That’s what’s caught the eye of our customers and the analysts. Later this year, that tooling will find its way into Vergence as well, but using the platform of a new product to pioneer and push and challenge ourselves to create a whole new generation of tooling and not only leapfrog ourselves, but also leapfrog anybody who’s in the single sign-on space in terms of how you go about generating connectors. That’s what’s got everybody excited.

You’ve got that as a new product and vThere is also relatively new. What are your priorities going forward?

The reason there’s a Sentillion is that we listen carefully to what our customers are struggling with. They don’t necessarily say to us, “Solve our problems in the following way,” but rather, “We have these problems. Is there something that you can do about it?’

proVision came about from a discussion I had with a CIO customer of Vergence in 2004. People said, “We want a product that focuses specifically on single sign-on and that makes it really easy to generate and maintain connectors” and that gave birth to expreSSO. Others told us, “We’ve got tremendous challenges with remote access. We’re paying a fortune for Citrix. Portals are powerful, but the Web-based metaphor is really difficult for transactional activities like order entry and we need something else.” That led to vThere.

On the list is the idea of taking the kind of problems we’re already solving in the enterprise and helping our customers solve the same set of problems for people who are outside of the enterprise, like physicians or patients in the community. Hospitals are establishing applications for patients to use, often put up by different organizations within the healthcare system, so patients end up with different IDs and passwords. Does that sound like a familiar problem? They have separate IDs and passwords for personal health records, to schedule an exam, to make an appointment with a doctor, and to deal with insurance. Groups are throwing applications up as fast and furiously as they can, and not thinking about the totality of the end-user’s experience. So you will see us taking what we’re doing and, over time, broadening the audience for whom our identity and access management solutions are benefiting.

The company is ten years old this year. What are the best parts about the first ten and what do you hope for the next ten?

I’ve been reflecting on this. Certainly one of the things that I’m struck by is we have accomplished more than I ever imagined when we started the company. We were so ambitious. We thought we had a crystal ball that was as big as anybody’s. When I look back, I realize we have so far exceeded and gone beyond anything we could have conceived of and it’s liberating. As I look ahead to the next ten years, I try to convince or coach people at Sentillion to not be afraid to think big because you can’t think big enough. Whatever we will be in the next ten years, we can’t conceive of that today. We will look back ten years from now and think, “My goodness, were we small-minded ten years ago in what we thought we could do versus what we could accomplished.”

We chose an unusual path to provide technology, as opposed to an application. A technology is a platform for a specific vertical, like healthcare in our case. That commitment to healthcare, the understanding we’ve gained about it, and our amazing customer base are responsible for our ongoing success. If we had come out of the gate as a horizontal company, we might have lasted two years, crushed or unable to keep up because we would have had no particular perspective or understanding about the set of problems we could guide our products and services around. The committed focus to healthcare is not only a source of pride, but is also the reason we have been able to experience such a vibrant and sustainable company.

Fast Facts

Products
Vergence, expreSSO, proVision, vThere

Company
Sentillion
40 Shattuck Road, Suite 200
Andover, MA 01810
978.689.9095
www.sentillion.com

Notable Customers

AtlantiCare, Cottage Health System, Eisenhower Medical Center, Great Ormond Street Hospital, INTEGRIS Health, NYU Medical Center, Sharp HealthCare, Sisters of Mercy Health System, Sunnybrook Health Sciences Centre, Tenet Healthcare Corporation, Texas Children’s Hospital, University of Michigan Health System, UPMC.

The Bottom Line

· Sentillion’s expreSSO single sign-on makes it easy and cost-effective to roll out convenient application access to caregivers and other users.

· Sentillion’s sharp healthcare focus has earned the company the #1 KLAS ranking in single sign-on applications.

· Users benefit from easier access to multiple applications and reduced errors in selecting patients across multiple clinical applications, but IT shops also enjoy improved security and full HIPAA auditability of electronic patient information access.

Download a reprint of this article.