Case Study: How Mercy Medical Cedar Rapids Made Password Management a Positive Employee Experience
Mercy Medical Cedar Rapids
One of the largest and fastest-growing Named one of the nation's top 50 cardiovascular hospitals, Mercy Medical Cedar Rapids provides superior service and quality by going the extra mile for their patients and their patients’ families.
The challenge: Taking the pain out of password security
Every second counts when it comes to serving patients, which is why healthcare spaces have a need for speed like no other industry. And today, healthcare organizations are busier than ever. Unfortunately, many healthcare providers are finding their speedy care interrupted by time-consuming security protocols, like outdated password management.
At Mercy Medical Cedar Rapids, every employee is committed to providing a great healthcare experience, but trying to manage passwords was slowing down care. In response to the delay caused by password management, Mercy Medical first tried a sticky (but unsafe) solution.
While sticky notes with login and password information on computers were a temporary solution to achieving easy access, Mercy Medical wanted a long-term, secure solution. After evaluating its cybersecurity situation, Mercy Medical realized that any poor password habits were rooted in good intentions and the need for quick access. The IT team wanted to provide a password management solution that would empower its people.
Mercy Medical takes security seriously and has an entire cybersecurity sub-committee to provide additional governance for the organization; but Mercy Medical also knows that collaboration across the entire team is the best way to build strong security. They wanted to make a password management change that would have a positive impact on the health organization’s culture.
To find a password management solution that would enable a collaborative security culture, Kimbro knew his team needed to approach security differently than many other organizations do. “In healthcare, if our employees have to choose between patient care and password security, they’re going to focus on patient care,” says Kimbro. Mercy Medical needed to find a way to be HIPAA-compliant without compromising patient care.
The Mercy Medical security team believed that password security and patient protection could go hand in hand, but they needed a password management solution that checked all the right boxes to facilitate employee buy-in.
What were those boxes?
Box 1: Employees had to want to adopt the solution. This meant it had to be user-friendly, make people’s lives easier, and most importantly: save them time.
Box 2: The solution needed to strengthen security and HIPAA compliance.
Box 3: The solution had to integrate seamlessly into employees’ daily tasks, enabling healthcare providers to focus on patient care. Single sign-on (SSO) would be a plus.
The solution: Teaming up to adopt a HIPAA compliant solution
After a thorough search, one password management solution kept showing up at the top of the list and checked all the boxes: Dashlane.
“The security team was drawn to the solution because it was easy to see how Dashlane would have a positive impact on our employees,” Kimbro explains.
The Dashlane browser extension was a major highlight because many employees work with external sites. The security team also loved the Dark Web Monitoring feature, which monitored if any sensitive information was being posted on illicit sites. Plus, they could easily set up multi-factor authentication (MFA). Most importantly, Mercy Medical discovered that Dashlane could be used for personal and work passwords, anytime, anywhere. “The convenience of having passwords at your fingertips no matter where you are or where you’re working was exactly what we were looking for,” Kimbro shares.
The result: A bill of clean (password) health
Going from a sticky security situation to a secure vault, Mercy Medical turned poor password management into an opportunity to improve password security with employee buy-in. “Dashlane helped us enhance our security posture, but even more importantly, it helped our employees perceive cybersecurity differently and feel like they’re part of the solution,” Kimbro shares.
Dashlane did more than just change perspectives on password security: It also created new partnerships.
And the best part? Protecting patients’ and employee information has never been so easy because employees want to use Dashlane. “Thanks to Dashlane, I am 100% confident that our patient data is more secure and it’s easier for our healthcare professionals to be HIPAA-compliant,” Kimbro explains. “Dashlane lets us customize its features so we can ensure that our staff aren’t sharing their professional passwords, but they can safely share their personal ones, like wifi passwords.”
Healthcare providers at Mercy Medical appreciate having streamlined access to the websites that they use every day; features like auto-login and the ability to maintain passwords in-app have sped up access by 60%. “It’s not every day that we have a product that increases our security posture and speed of access,” shares Kimbro. The benefits that Mercy Medical’s employees are seeing don’t stop at the end of their shift: Each employee enjoys a free Family password manager plan and can invite up to five others to join Dashlane at no cost.
“Employees’ professional and personal lives run a little smoother with Dashlane,” Kimbro says. “People love how Dashlane simplifies once tedious day-to-day processes.”
Mercy Medical employees are realizing value and convenience from the password management solution in ways that the healthcare organization didn’t initially anticipate but has whole-heartedly embraced. “For example, it even makes online shopping and checkout faster, so we’ll be doing a standing educational outreach around Black Friday,” Kimbro explains. “Making security personal helps make it more relevant.”
Moving forward, the prognosis looks excellent for the partnership between Mercy Medical and Dashlane. Mercy Medical has begun to onboard every new employee with Dashlane and is seeing adoption rates as high as 90% with new employees.
“We try to show how practical and easy-to-use Dashlane is and that gets people interested,” Kimbro shares.
Ready to get started?
Thanks! You're subscribed. Be on the lookout for updates straight to your inbox.