Authentication with a bit of backbone! Identity Agent strengthens NHS connectivity

A new element in the Microsoft suite of tools and services for healthcare organisations is about to unlock both productivity benefits for users and a technology upgrade path for IT managers.

Functionally, Microsoft Identity Agent (MIA) is simply a software layer which allows NHS employees using the latest operating systems (Windows 7 and 8) to connect to any one of the many systems connected to the Spine nationwide private NHS network, using the ubiquitous pink Smartcard to easily authenticate their identity.

Despite the demise of the National Programme for IT (NPfIT), Spine services remain central to the workday of many NHS staff, and it is crucial that Microsoft machines – used by millions of NHS professionals daily – remain seamlessly connected. Alastair Dick, Microsoft NHS Chief Technology Officer, sets the scene: “NPfIT may be gone, but you don’t want to throw the baby out with the bathwater. The Spine is a huge asset to the NHS, there is still a huge reliance on the NHS Smartcard for a range of services and the Smartcard roll-out is still continuing. Plus, the government’s policy, which has been reaffirmed regularly, remains clear: patients and clinicians require a single a view of each personal record, with reliable, secure access.” Furthermore, the Spine reaches well beyond the usual Trust/Hospital settings: GPs, opticians and pharmacies are also connected – the Spine practically defines IT’s outreach into the communities served by the Health Service.

Twist or stick

A commercial tension has, however, developed. Most Trusts remain resolutely on the Windows XP desktop architecture – which has a workable Identity Agent. But there are many reasons now to upgrade the infrastructure:

  • Government advice is to upgrade where possible to the latest operating systems for security reasons (irrespective of the many operational advantages: driving a new car is invariably cheaper and more reliable than chugging about in an old jalopy).
  • Support for Windows XP expires completely in April 2014; despite this fact, many Trusts have no migration strategy in place.
  • NHS organisations will start to have problems deploying Windows XP on new machines: drivers will not be available, and they may be imaging issues with the latest hard disk drives.
  • NHS organisations buying new PCs with Windows 8 installed will need to purchase Software Assurance to obtain downgrade rights to Windows XP.
  • NHS delivery requirements are changing: powerful and economically compelling new tools include thin client computing using RDS (Remote Desktop Services), virtualisation using VDI (Virtual Desktop Infrastructure); delivered by 64bit versions of Windows Server 2008 R2 & Windows Server 2012
  • And neither XP nor the Spine were designed with foresight as to how NHS computing would change, particularly the development of smart devices like tablet PCs (e.g. Surface).

With the launch of an Identity Agent for Windows 7 and 8 which natively resolves all these problems, there is yet a further incentive for Trusts to upgrade to a modern clinical computing environment.

Unlocking a new generation of technologies for clinical use

MIA is not, however, designed just to sell new versions of Windows. If nothing else, contrary to other reports which mention that Microsoft’s Identity Agent is the first time that Win7 devices can join the Spine seamlessly, there is already a CfH-accredited Identity Agent for Windows 7. Rather, says Dick, “there are certain delivery mechanisms that are specifically pertinent to the healthcare market that we’ve written MIA to enable: RDS and VDI being good examples. It’s not an XP issue; it’s a clinician enablement issue.

“The biggest complaint we get from clinicians and health users is unacceptably long logon times on XP machines and the desire to use clinical applications on modern devices and in modern scenarios, so the thrust of our development cycle is that clinicians should be able to log on quickly, on modern IT infrastructure, on any device, at any time and in any place and get the experience they require. It’s about giving a modern experience to clinicians.”

Currently, MIA is being field-tested at Lancashire Care; with 45 other NHS organisations involved in testing. This will create a reference architecture which will inform CfH-accreditation and give other Trusts a roadmap to deploy MIA with minimum technical overhead.

John Martland, IT shared services manager at Lancashire Care, says: “NHS trusts urgently need to modernise and provide patients with the best possible care at the best possible value. By using Identity Agent we can jump to the latest tools and pass on the benefits of those tools to patients by helping healthcare professionals to be most effective.”

Dick says, “It is extraordinary that NHS staff can have Windows 7 or 8 running on the computer they use at home – which gives them valuable familiarity with our OS – and yet be denied access to key centralised services on the same platform. Identity Agent will free the NHS to use powerful modern software features on modern devices, so doctors walking around wards can have instant access to the data they need, when they need it”.

Microsoft is inviting further interested NHS bodies to broaden the test cohort: interested IT managers can contact Alastair Dick directly at to join the programme.

By Nick Saalfeld, Journalist, Microsoft Health Team

Comments (1)

  1. Mike says:

    this is welcomed but who will support this and warrant against all the suppliers infrastructure?

Skip to main content