The overarching goal of Phase 3 is to enable seamless sharing of services and resources across Stanford Medicine by developing new authentication design patterns for the various applications used by the three affiliates.
Presently, individuals within the Stanford Medicine affiliates — Stanford University, Stanford Health Care, and Stanford Medicine Children’s Health— face challenges due to the necessity of managing multiple identities when accessing shared services.
Each individual is assigned a "home" ID by their employing affiliate, and also given IDs for the other affiliates to access their respective services.
The need to maintain and manage several IDs can be a frustrating experience and lead to confusion about which ID and password to use when accessing the various cross-collaboration solutions.
Additionally, there are other concerns beyond the poor user experience. We have the opportunity to raise the security standards of Stanford Medicine and move away from point solutions which we previously enabled to support specific services. This service by service approach can be time-consuming, duplicative, and administratively expensive.
Due to the complex nature of this effort, Phase 3 is divided into two channels:
- Outgoing identity channel: Focuses on sending the required information about university SUNet identities to the hospitals, when accessing services hosted by the hospitals.
- Incoming identity channel: Focuses on receiving user identity information from the hospitals and integrating that into university application auehtnication and authorization flows.
Approximately 300 applications have been identified that span the various organizations making up Stanford Medicine and the university. As a first step, on June 28, 2024, Stanford University employees were able to log into the SHC ServiceNow portal (AskSHC) using their SUNet ID and password instead of the SHC ID they had used previously.
