UAF Case Study by MedImpact

© 2015 MedImpact, Inc. All rights reserved. The contents of this presentation are confidential and proprietary to MedImpact Healthcare Systems, Inc. and may contain material MedImpact considers Trade Secrets. This presentation may not be reproduced, transmitted, published, or disclosed to others without MedImpact’s prior written authorization.

MedImpact and FIDO: A Case Study of a UAF Deployment. FIDO Alliance Seminar, Washington DC, Oct 6th 2015. Presented by Steven Secker, MedImpact Healthcare Systems, Inc.

Upload: fido-alliance

Post on 22-Jan-2018


TRANSCRIPT

Page 1: UAF Case Study by MedImpact

MedImpact and FIDO
A Case Study of a UAF Deployment
FIDO Alliance Seminar
Washington DC
Oct 6th 2015

Presented by Steven Secker

MedImpact Healthcare Systems, Inc.

Page 2: UAF Case Study by MedImpact

Topics for this Case Study

• Why FIDO for MedImpact?
• Our Use Cases
• Deployment Strategy: Where to Start & Why
• Why FIDO UAF rather than FIDO U2F?
• Future Plans
• Discussion / Q&A

Page 3: UAF Case Study by MedImpact

What MedImpact Does: PBM

MedImpact manages pharmacy benefits for more than 50 million lives around the globe

[Diagram labels: Pharmacy Benefit Manager; Claim; Approval / Copay Amount; Drug-to-Drug Warnings; Invoice; Health Insurance Company; Pay Pharmacy for Approved Claims]

Page 4: UAF Case Study by MedImpact

So Why FIDO?

[Diagram labels: Pharmacy Benefit Manager; Claim; Approval / Copay Amount; Drug-to-Drug Warnings; Invoice; Health Insurance Company; Pay Pharmacy for Approved Claims]

All of this stuff is behind the scenes as far as the average consumer is concerned.

So where does FIDO fit?

Page 5: UAF Case Study by MedImpact

Our Business Requires Data Access

Page 6: UAF Case Study by MedImpact

IT Security in Healthcare: HIGH PRIORITY!

Page 7: UAF Case Study by MedImpact

Healthcare Data Targeted Specifically

“Your medical information is worth 10 times more than your credit card number on the black market.”

Page 8: UAF Case Study by MedImpact

Like Everyone Else, We’ve Relied on Passwords

For years we’ve known this is broken, but there wasn’t a clearly better way until FIDO!

Page 9: UAF Case Study by MedImpact

Use Cases for MedImpact

Members of Health Insurance Plans:

• What drugs are covered?
• What’s my copay for this drug?
• Do I need a Prior Authorization?
• Have I met my deductible?
• What pharmacies are in my network?
• How much did I spend on prescriptions for taxes or Flex Spending Account (FSA) reimbursement?
• How good have I been about taking my maintenance meds (getting them refilled on time)?

Page 10: UAF Case Study by MedImpact

Use Cases for MedImpact

Healthcare Providers:

• What other drugs is my patient taking that other doctors prescribed?
• Has my patient been taking his or her maintenance meds (getting them refilled on time)?

Page 11: UAF Case Study by MedImpact

Use Cases for MedImpact

Pharmacists:

• Have I been accurately reimbursed for all the claims I’ve submitted?

Page 12: UAF Case Study by MedImpact

Use Cases for MedImpact

Health Insurance Companies, MCOs, HMOs, Self-Insured Plans:

• Manage Member Eligibility
• Benefit Design
• Formulary Management
• Prior Authorization Management
• Manage Denied Claims Appeals
• All manner of reporting

Page 13: UAF Case Study by MedImpact

Use Cases for MedImpact

MedImpact Employees authorized to access production data

Page 14: UAF Case Study by MedImpact

User Community Profiles – Where to Start?

| # of Users | Frequency of Use | OS/Browser | Mobile Browser | App |
|---|---|---|---|---|
| Potentially Millions | +90 days between visits | All Uncontrolled | Yes | Future |
| Potentially Thousands | Varies Greatly | Windows IE11/Firefox | No | No Plans |
| Tens of Thousands | Weekly to Monthly | Windows IE11/Firefox | No | No Plans |
| Thousands | Daily | Windows IE11/Firefox | No | Future |
| Thousands | Daily | Windows IE11/Firefox | No Plans | No Plans |

Page 15: UAF Case Study by MedImpact

Security and Usability – ROI for User Communities

Page 16: UAF Case Study by MedImpact

UAF vs. U2F

U2F

• Follow the lead of early deployments (Google, Dropbox)
• User experience builds on top of good old, familiar username/password
• Less potential for confusion about using multiple computers

UAF

• Gets rid of the password completely
• Users always have their phones, and millions of those phones have fingerprint readers

Arguably, U2F would have been an easier path given our target user community and their use cases for the initial deployment. But you still force users to choose and remember a password.

“Gets rid of the password completely” won the day for us

Page 17: UAF Case Study by MedImpact

Device Knows You, Website Knows Your Device

1. Access Website
2. FIDO Authentication Request Sent to Laptop
3. Swipes Fingerprint

Page 18: UAF Case Study by MedImpact

Device Knows You, Website Knows Your Device

4. Cryptographically signed message confirms user back to website
5. Access Granted
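The five steps on the two slides above, as an added example that is not part of the original presentation: a simplified model of the challenge-response exchange in Node.js, not the UAF wire protocol. The class names, the `alice` account and the fingerprint strings are constructed for illustration; the point is that the website stores only a public key and that a captured signature is useless for a later login.

```javascript
// Added illustration: simplified model of the flow, not the UAF message format.
const crypto = require('crypto');
// Website (relying party): holds one public key per registered device, no secrets.
class Website {
  constructor() {
    this.deviceKeys = new Map(); // username -> device public key
    this.pending = new Map();    // username -> outstanding challenge
  }
  register(username, publicKey) { this.deviceKeys.set(username, publicKey); }
  // Step 2: send a fresh random challenge to the user's device.
  startLogin(username) {
    const challenge = crypto.randomBytes(32);
    this.pending.set(username, challenge);
    return challenge;
  }
  // Steps 4-5: grant access only if the device signed this exact challenge.
  finishLogin(username, signature) {
    const challenge = this.pending.get(username);
    const publicKey = this.deviceKeys.get(username);
    this.pending.delete(username); // each challenge is single use
    if (!challenge || !publicKey || !signature) return false;
    return crypto.verify('sha256', challenge, publicKey, signature);
  }
}

// Device (laptop or phone): the private key and fingerprint never leave it.
class Device {
  constructor(enrolledFinger) {
    // Sets this.publicKey and this.privateKey (P-256 key pair).
    Object.assign(this, crypto.generateKeyPairSync('ec', { namedCurve: 'prime256v1' }));
    this.enrolledFinger = enrolledFinger; // stand-in for a local biometric match
  }
  // Step 3: sign only after the local fingerprint check succeeds.
  sign(challenge, presentedFinger) {
    if (presentedFinger !== this.enrolledFinger) return null;
    return crypto.sign('sha256', challenge, this.privateKey);
  }
}

function demo() {
  const site = new Website();
  const laptop = new Device('constructed-finger-A');
  site.register('alice', laptop.publicKey);
  const signature = laptop.sign(site.startLogin('alice'), 'constructed-finger-A');
  const granted = site.finishLogin('alice', signature);
  site.startLogin('alice'); // a later login gets a new challenge
  const replayRejected = !site.finishLogin('alice', signature);
  const wrongFinger = laptop.sign(site.startLogin('alice'), 'constructed-finger-B');
  return { granted, replayRejected, wrongFingerRefused: wrongFinger === null };
}
```

Because the server side holds nothing but public keys, a breach of its credential store exposes no password and no biometric data.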

Page 19: UAF Case Study by MedImpact

Long Term Vision: Works with Phone Too

1. Access Website
2. FIDO Authentication Request Sent to Phone
3. Swipes Fingerprint

Page 20: UAF Case Study by MedImpact

Challenges / Discussion Points

• Prioritization: getting the business to agree to allocate development cycles to adding FIDO support requires education, internal and external marketing, evangelism and high-level executive sponsorship

• Fallback Solution: what do users do if they need to log in and don’t have their laptop (or in the future, phone) with the fingerprint reader?

• Messaging: how do you explain this to users who are not likely to go read www.fidoalliance.org and realize what a great solution this is? Do you call attention to the FIDO brand? How do you overcome fears like “I can reset a password if it’s stolen from your server, but I can’t reset my fingerprint!”

• Client-Side Obstacles: Lack of built-in support for FIDO client at OS level means users need to install/configure a FIDO client for their browser (FIDO 2.0 I believe aims to solve this and already Win10 has built-in support)

• Support: Rolling out FIDO successfully requires educating the entire IT support team, from front-line call center staff to Level 2 and 3 engineers.

Page 21: UAF Case Study by MedImpact

Questions