As senior living companies scale and add additional facilities there are some challenges. One of those is turnover. It’s a normal part of the business, but one that can create some headaches for your IT team. The larger you scale the more requests you will have for new hire setups and terminations. HIPAA requires that you can turn access on and off quickly. You need a process and a plan. i.t.NOW has worked in the senior living space for years. Here are our tips on how to automate new user setup for senior living companies.
Define Roles
The very first place to start when seeking to streamline and automate new user setups is really to understand the different types of users you have in your organization. For most senior living organizations these will fall into at 2 or 3 buckets depending on your organization structure.
The first bucket is the healthcare workers. These are your nurses, therapists, and support staff that work in the facilities serving patients and giving care. Their main need is to be able to track treatment and medications in your EHR (Electronic Health Record) software.
The second bucket is facility staff. This would be all the folks that work hard to make a care facility run that aren’t caring for patients directly. Facility administrators, kitchen staff, maintenance, and many more. They will have different needs for access and software than the healthcare workers.
The last potential bucket is corporate employees. They work out of your corporate office assisting with various administrative functions and need different applications and data permissions to do their job.
Once you have folks broken up into different buckets it’s time to get a little more granular about their needs. Granted this is likely not going to be a perfect system that captures every single app that any employee may need for their role, but we want to be as specific as we can.
List Needed Applications
With defined roles it’s time to dig in deeper. What specific software do the folks in these different roles need to do their job? Take a few minutes and make a list of the different applications each role needs access to.
You’ll find that there are some commonalities across the organization. All employees will likely need a Microsoft Active Directory account if you’re on a domain. All employees will also likely need access to an HRMS (Human Resource Management System) platform like Paylocity or ADP. This will allow them to clock in and out, see payroll info, etc.
Beyond that your healthcare workers will all need access to the EHR software. All your corporate employees will likely need access to Office 365 or a similar productivity suite. Facility staff may need that same access as well.
Go through each of your defined roles and list out all access and applications they need to do their job.
Make a Checklist
Now that we understand the different access and applications each role needs its time to make a checklist. The idea here is to capture all the steps that we will need to take to set up a new user in each of these buckets. This allows you to get specific about what needs done and indicates order of operations.
An Example:
Admin Employee that does Accounting
- Need a login to HRMS Software.
- Need an Active Directory Account (or Entra ID) created.
- Need a Microsoft Office 365 Account and applications installed.
- Need a new email set up.
- Need a EHR login (Point Click Care or other)
Your needs may vary but putting them down on paper helps you to identify the process that needs to happen.
Build Automation and Integration
What parts of this new user setup you can automate will vary depending on the specific software solutions your organization is using. Talk with your IT team and the software manufacturers to determine what can and can’t be done.
Now we look to see what we can tie together and automate.
The best source of truth for a new user is typically your HR department. When they hire a new user they enter their information into your HRMS software. This will typically have their name, title, start date, and all other information needed for user account provisioning.
Microsoft has rolled out some great new features in Entra ID (formerly Microsoft Azure Active Directory) that allow some automation from there. It allows an API (application programming interface) between Microsoft and your HRMS software. They talk to each other and can sync data back and forth.
If that API connection is set up and configured correctly when your HR department enters a new user in the HRMS software it will automatically sync over to Entra ID and create a new user account.
Further, Entra ID can create something called dynamic groups. This allows IT admins to group user by title or department and automatically assign file permissions, Office 365 licensing, teams groups and more to a new user based on their title or department. It will automatically create a company email and assign them needed licensing in Office 365.
Point Click Care also has API integration that can connect it to Microsoft. This allows the newly created user to flow into that system as well.
So you can see that with one simple entry by HR into the HRMS system, we now have automation that kicks off. A user is created automatically in Entra ID, that creates an Office 365 login and email for the user. That data also syncs with Point Click Care (EHR software) and creates a user there. We can even script out a local installation of Microsoft office if needed.
This kind of automation is a huge leap forward that makes it simpler to manage turnover, simplifies the handoff between HR and IT, and gives the user a great experience when starting their new job. The process can also be reversed when a user is terminated to quickly shut off access when needed.
Single Sign On
One step further down this road leads us to single sign on.
Single sign-on is an authentication scheme that allows a user to log in with a single ID to any of several related, yet independent, software systems. True single sign-on allows the user to log in once and access services without re-entering authentication factors.
Entra ID can quarterback SSO for your other applications. Enabling SSO with Microsoft Entra ID means users can sign in once to access their Microsoft apps and other cloud, SaaS, and on-premises apps with the same credential.
Mileage May Vary
Not all applications have the API needed to be able to integrate and automate in this fashion. Talk with your IT team and software manufacturers to discover what is possible. Even if you can’t fully automate the process like we outline above, you can almost certainly streamline it to save time and money.
If you have questions about how to streamline new user setup for your senior living organization, i.t.NOW can help. Our years of experience and deep industry expertise help us to consult with clients and make the best recommendations for their situation.
Conclusion
Turnover and user account provisioning can be time consuming and costly when done manually. With all the new integrations available you may have options to automate new user creation that you didn’t have just a few years ago. Spend the time needed to add automation to this process and it will save you time and money for years to come.
Photo by Kampus Production
