Wednesday, December 27, 2006

Sun on Identity for Healthcare and the Cost Problem

Health IT World has published an interview by John Russel called Sun’s Healthcare Mantra: Reduce Cost and Complexity with Sun Director of Healthcare and Life Sciences, Joerg Schwarz. He weighs in on Identity and provides a few interesting scenarios for federation:

Some RHIOs [regional health information organizations] follow the central model. Some follow the federated model. I chose a centralized model, which naturally creates a lot of animosity by privacy advocates, by patients, by people who are just afraid of having all the data concentrated in one place and I don't want to say who's right or wrong, but these are the two fundamental models. You centralize everything and use that as a model, or do you have a federated model where you keep the data where it is. You just have to make sure that when you need it you can save it to the aggregate it together.

When asked which model was better...

...identity management because data protection to control who accesses information through the entire lifecycle. The best way to do this is building a federated identity management concept so that a doctor that is known and authenticated with one institution can request data from another institution where he is unknown, but that gives him doctor level credentials to access information involving a patient.

Early in the interview, he explains that although most hospitals today have digital records, they are not linked, and primary care physicians typically don't have access to them. It seems that linking hospitals has a strong business case, and its just a matter of time before that gets into full swing...but what about the primary care physicians? A few barriers exist here:

1. $$$ - docs don't have the money to invest in infrastructure like this. And more importantly...
2. Why would they? Why would they want to share their info with other primary care physicians which could possibly give competitors an edge?

So there still seems to be a case for doctors as data consumers, although there seems to be a conflict of interest for them to behave as data providers. This might be circumvented if patient data can be released while protecting data regarding the physician history.

This would be a wonderful scenario for user-centric identity...

Sunday, December 24, 2006

Zone of Mediocrity

Words of wisdom from Kathy Sierra:

"...if you're not doing something that someone hates, it's probably mediocre..."

" willing to take risks! Perhaps more importantly, be willing to tolerate (and perhaps even encourage) risk-taking in those who are managed by you..."

Monday, December 18, 2006

Identity Management PMs and Use Cases

I just read an interesting blog entry on Mike Wyatt's Blog entitled "Project Managers as a Critical Success Factor or Identity Management Projects". It peaked my interest because it has become a recurring topic of discussion amongst some of the folks in our integration team. Mike talks about clients not wanting to shell out the extra service dollars for the PM, opting to use their own "experienced" PMs. Mike aptly points out... order to "get the deal done" vendors will make this concession. More often than not, when a project gets in trouble, the common issue is not technology (the bits) or even the vendor's technical team. It is usually the lack of strong project management, especially when customers are providing the project manager.

A few points that our team has come up with:

  • Use Case definitions for identity projects are quite helpful, especially in defining expected behavior of the IdM system based on predefined inputs. Many times, PMs get caught up in the tasks that need to be completed, and become task masters who babysit the team to ensure that tasks get done, many times losing the big picture. What is the big picture? Its what the client wants, and that needs to be defined up front. So one of the first tasks for a PM should be to engage the client in order to clearly identify the use cases with accompanying pre-conditions and post-conditions. This document should read easily for any business user, so that the client PM (or equivalent) agrees to the exact desired behavior of the system upon project completion.
  • If the use case document is clearly written, it can be used for project sign-off in the development environment, prior to migration. A meeting can be used to bring all relevant players together in order to demonstrate that the system behaves exactly as the client requested - using the use case document as a checklist. "This is what you wanted. Let me demonstrate that for you...great, it works. Let's check it off and go to the next use case."
  • In the "Use Case" phase, the PM could be used heavily while using the architect for reference and sanity checks. Once the Use Case is completed, the PM could take a back seat and let the architect roll up his/her sleeves. The PM from this point only needs to monitor the project rather than to be involved and bill day-to-day. (Of course, the architect has to step in to ensure feasability before the use case is signed off on by both parties.) This shows the client that you could use a PM (and architect) effectively, and make them feel comfortable that it won't cost them a substantial services fee at the same time.

More to come on the PMs continuing role in the project...

Tuesday, December 12, 2006

Even Identity Can't Save Novell Now

Novell's Identity suite is arguably one of the best, with quite possibly the most number of production deployments in the market. It's provisioning solution is very mature, with Identity Manager 3 boasting "Designer", a tool allowing administrators to create almost the complete identity implementation graphically, and then drill down for configuration.
Furthermore, sales of Novell's Identity Manager are up 3% from last year. All that aside, Novell is in trouble.

Timothy Prickett Morgan states:

In the fourth quarter, Novell had software license sales of $46.1 million, down 41 percent from the year ago period. The bulk of this drop is attributed to a rapid decline in NetWare and its related Open Enterprise Server license sales, but Novell had issues in other areas. Linux is not growing fast enough to fill the NetWare hole, and neither are the company's identity management or server management product lines...You can also see why Novell bought SUSE three years ago. If it had not, Novell would be dead right now.
Hovsepian predicted lengthened stagnation in software sales in 2007, with the exception of Linux and Identity Management...but also stated a boost on '08 as a result of the Microsoft deal. Any way you slice it, Novell is not in good shape. Their stock price hit a 52-week low last week, as a result of their announcement regarding flat sales in '07. Identity brought in revenue of $23.8m in the quarter. Sales were up just $793,000, or 3.5%, to be worth 9.7% of overall revenue...apparently, Identity can't save Novell, but maybe Microsoft can.