Photo: dowell/Getty Images
Context-aware passwordless authentication and identity verification services are now part of Imprivata's Access Management Platform, the company announced Tuesday.
WHY IT MATTERS
With the new release, Imprivata is prioritizing secure, frictionless access to cloud, software-as-a-service (SaaS) and on-premises environments for frontline staff and other enterprise users, which support a variety of authenticator options and combinations, and offer providers flexibility to meet their security and compliance requirements.
"Making this possible in healthcare meant designing for the reality of clinical work," Dr. Sean Kelly, Imprivata's chief medical officer, told Healthcare IT News. "Clinicians move constantly between shared workstations, mobile devices and systems, and any added friction directly impacts care."
Expanded capabilities in the digital identity company's Enterprise Access Management platform support passkeys to desktop sessions and workflows in shared-device environments as well as device-bound passkeys for access to single-user devices, a company spokesperson explained.
EAM services also integrate external authentication methods for organizations that use cloud-based identity and access management.
Biometrics, such as face recognition, require an "enroll once, use everywhere" architecture designed for shared-device environments.
"Once a user is authenticated, Imprivata leverages federated protocols to deliver single sign-on into downstream applications," a spokesperson told Healthcare IT News by email.
Not all healthcare applications are federation-ready, however. In those cases, customers can use Imprivata's Application Profile Generator to secure authentication on a user's behalf in legacy applications.
Technical barriers needed to be overcome for the healthcare space, Kelly said. A core challenge was enabling secure access across shared and personal devices without disrupting workflows.
"That required deep integration with existing healthcare applications and technologies, many of which are legacy and highly regulated," he said.
Identity verification happens in the background, across diverse healthcare platforms, while clinicians focus on patient care.
In addition to passwordless authentication with fast identity online, or FIDO, passkeys and integrated facial recognition, platform capabilities include:
- Workforce and patient identity verification for secure onboarding, help desk authentication, self-service password reset and accurate patient identification.
- Creation of personalized frontline experiences on shared-use workstations and other devices.
- Artificial intelligence-driven risk signaling and behavioral analytics to detect and assess potential security threats during access attempts.
- Automated, adaptive threat response to reduce unauthorized or malicious access in near real time.
- Secure access for VPN-less remote users built on Zero Trust principles to provide a seamless experience outside networks.
- Operational analytics that support more informed, strategic decisions.
Mission-critical industries like healthcare need access management that not only removes friction but also improves security and compliance, according to Fran Rosch, Imprivata's CEO. Expanded capabilities "will help our customers mitigate modern security threats and complex workflow requirements," he said in a statement.
THE LARGER TREND
Experts have promoted the use of passwordless authentication to help healthcare organizations reduce security risks for some time.
"Eliminating passwords can reduce the risk for a data breach since compromised credentials account for a large percentage of breaches," Manoj Kumar Srivastava, now president of tech consulting firm Avanza, said about five years ago.
While passwordless authentication is widely viewed as essential to improving security, compliance and clinician efficiency, adoption has lagged in healthcare due to integration challenges and technical complexity.
Imprivata said in its 2026 State of Passwordless Report that although 85% of healthcare IT leaders said passwordless access was mission critical for their organizations, only 7% fully implemented it.
The main barrier to adoption is technical, followed by clinical reluctance.
However, amid rising cyberthreats, staffing shortages and increased regulatory scrutiny, legacy identity systems are struggling to keep up, Imprivata said. The company found that more than half of providers – 54% – use at least three authentication vendors to support identity requirements, while 16% use four or more.
ON THE RECORD
"Imprivata EAM delivers a single, comprehensive solution for all enterprise users, eliminating the need for organizations to rely on disparate solutions to accelerate productivity, improve compliance and reduce costs by consolidating multiple access tools into a single, powerful platform," Rosch said.
Updated February 11, 2026, to reflect the correct name of Imprivata's survey report.
Andrea Fox is senior editor of Healthcare IT News.
Email: afox@himss.org
Healthcare IT News is a HIMSS Media publication.
