User Access Request System for Medical Institute


The Challenge

In Medieval times, armored guards stood outside a city’s gate to keep an eye on who was coming and going. Access to the city needed to be tightly controlled. Fast forward a thousand years and access is managed not by armored guards but by IT security systems. The world is markedly different, but the need to carefully regulate who can access information and resources hasn’t changed one iota.

One of our clients, a medical research institute, was using a home-grown user access request system to manage access to critical systems. The program was proving to be unfriendly to new users, cumbersome to work with, and a challenge to upgrade and support. Given the importance of the systems and records involved, the need to effectively handle security access became a growing concern.

Some of the key challenges that needed to be addressed included:

  • Intuitive User Interface: The workflow involved in submitting a user access request had to be streamlined, straightforward, intuitive, and simple. The institute wanted to avoid the user confusion issues it was experiencing with its existing system.
  • Alignment with Legacy Processes: The institute’s stakeholders were happy with the overall process and flow of the existing system and did not want to deviate from that.
  • Integration with External Systems: The system needed to not only seamlessly integrate with Microsoft SharePoint, but also needed to connect to external databases and systems without interrupting the flow or disrupting the user experience.

The Solution

The institute was already using Crow Canyon’s IT HelpDesk for SharePoint. This SharePoint-integrated Help Desk addressed the institute’s IT needs effectively, so management decided to engage with us to provide a modern, user-friendly, SharePoint-based User Access Request system to replace the outdated legacy program.

Like all of our business productivity applications, our User Access Request system is built using a combination of critical core functionality coupled with the ability to configure the system according to our client’s needs. Let’s have a closer look at how Crow Canyon’s User Access Request system addressed the client’s unique challenges…


Data Input

The first step in any request system is to define the most appropriate way for users to initiate requests. While many of our customers use a SharePoint form or e-mail to create requests, this client was seeking a simplified, user-friendly approach that was highly intuitive while leaving no room for error — our solution: an access request wizard.

Crow Canyon worked closely with the institute to design a UI that guided users step-by-step through the access request process. Users understood exactly where to go and what to fill out by indicating which systems they needed to access and at what level.

On completion, the access request was automatically sent to an Approver who could approve or deny the request via SharePoint or e-mail. All new requests automatically generated a notification, ensuring that the Approver would know immediately when an incoming request was made.


Workflow Configuration

Our customer could not allow any significant changes to the existing workflows due to regulatory requirements involving medical institutes and restrictions on access to systems and records. Accurate tracking of the steps needed to approve access — and the audit trail that generates — required the system to work within defined processes.

After careful review of the required steps, we were able to automate many of the workflows, saving time and effort while still adhering to regulatory requirements. With the workflows in place, newly-created access requests are able to quickly move through the approval process until finalization.


Reporting Capabilities

At all stages, the User Access Request system captures, saves, and records all actions taken by all users — this enables management to perform audits as well as detailed performance analysis. Critical metrics enable management to build robust reports that provide insights into how well the access request system is working.


System Integration

The User Access Request system needed to read and write data to external systems and databases. Through dedicated APIs, Crow Canyon Software created access points in the request process that allowed user-entered data to be passed back and forth between the external systems and SharePoint. This backend configuration enabled the User Access Request system to become a fully integrated part of the larger management framework at the institute.


Conclusion

Our client gave us the opportunity to configure a powerful User Access Request system that was aligned with the institute’s unique requirements. By listening to our client’s concerns and addressing their challenges, we were able to customize a SharePoint-integrated solution that fully met their needs.

At the end of the project, the institute’s users were able to enjoy an intuitive access request experience that didn’t compromise the existing workflow. Furthermore, custom APIs and careful planning ensured that the system ran seamlessly with the institute’s external resources.


Anonymous Logo

About

Our client has requested to remain anonymous, but has allowed us to tell their story of success using one of Crow Canyon’s applications.


Industry
Healthcare

Solution
User Access Requests for SharePoint