Staff at Torbay and South Devon NHS Foundation Trust have broken new ground in their quest to provide health and social care professionals with a great experience when they access resources. After implementing single sign-on to the South Devon Health Library via OpenAthens they pioneered a way to implement Active Directory Federated Services (ADFS) in just their corner of the NHS. It is making access even simpler for library users – and what they’ve learned along the way makes it easier for other NHS organizations to follow suit.
Like every other NHS organization in England, the Trust’s library has been using OpenAthens for almost 20 years. OpenAthens helps staff access the evidence base whether they are working in Torbay Hospital, a community hospital or any other Trust care setting. Feedback from librarians suggested they would like a better experience. Not least so they would have to deal with fewer requests from users to reset their OpenAthens account passwords.
An ADFS integration seemed the obvious answer. It gives users single sign-on access to systems and applications across organizational boundaries. It means users don’t need to be assigned an OpenAthens account because they can access subscription resources with the same credentials they use to log into their workplace computer. However, although OpenAthens integrates easily with ADFS, the integration couldn’t be switched on within the OpenAthens account hierarchy used by NHS organizations in England. This had the potential to create a problem for the team managing OpenAthens for NHS organizations in England, because they centrally manage access to subscription resources and collate account numbers and usage data.
The answer was to move the library out from under that umbrella and give it a new organizational ID and domain. The possibilities intrigued Health Education England (HEE), which provided 12 months of funding for a proof-of-concept study.
To make the ADFS integration work the Trust had to be able to identify its own employees so that only these would be able to access the library resources using the new ADFS integration. At OpenAthens we worked with the Trust’s IT team on this. First writing a script so an employee number field could be used to define eligibility. That left a few other approved user groups to manage (for example, some consultants and allied health professionals [AHPs] as well as students). The simple resolution was for the IT department to give the library staff restricted access to the AD management system, so they could add these users to a ‘group’ that then authenticates the script.
The Trust had to tidy up some data and make sure the integration met all information governance and data protection requirements. Then our technicians worked with Trust IT staff on the integration of the directory into OpenAthens – it took about 30 minutes and went without a hitch.
The trickiest part? Getting suppliers to take note of the changed organizational ID/domain. Catherine Micklethwaite, library and information services manager at the Trust, recommends that other Trusts going down the ADFS route give suppliers at least four weeks’ notice, and check in with them regularly to make sure they know what to do.
“Four weeks seems like plenty of time, but most teething problems came down to suppliers who hadn’t updated the domain or who had incorrectly matched the new organizational ID code against the resources. A few suppliers had to reconfigure their sign-in process. But the good news is that other Trusts will be able to benefit from those new processes so their integrations should be straightforward.”
Twelve months after the go-live date in April 2021, the Trust surveyed all its registered OpenAthens users to see if the ADFS integration has made things easier. As expected, most say their user journey is better.
The survey shows most respondents found the system easy or very easy to use. More OpenAthens accounts were registered each month, from 67 in April 2021 to 482 in spring 2022.
What’s more, 95% prefer the new sign-on process. The study captured these comments about it:
“It saves time”
“Gives easy access to literature when needed for a clinical decision”
“Removes a barrier when I’m training others as they don’t have to register separately”
The admin burden for library staff is reduced. They don’t have to set up user accounts and queries have dwindled almost to zero. During the first 12 months there was just one unsuccessful attempt at authorization.
The library also hopes the integration will improve statistics on resource usage. The jury’s still out on that. Adoption during the COVID era makes currently available statistics atypical, but work to quantify this potential benefit is ongoing.
All required fields are marked with '*'