Helsana Versicherungen is one of the largest Swiss health insurance companies with 1.9 million customers. The group offers basic health, supplementary and casualty insurance and is based in Dübendorf. They recently became one of the first Swiss insurance companies to offer their customers a health incentive program.
Envisioning a Better Way
Helsana was managing employee access with a legacy identity vendor. Their environment was expensive to upgrade and maintain, and the vendor’s capabilities did not address Helsana’s complete list of requirements for their identity program. Christian Lamparth, Head of Identity Services and René Grob, Project Manager IT Infrastructure at Helsana envisioned a platform on which they could anchor their identity program to govern employee access, while concurrently demonstrating compliance. As a large health insurer, Helsana is no stranger to demanding regulatory environments and is responsible for complying under Swiss Financial Market Supervisory Authority (FINMA), the Swiss government body responsible for financial regulation. Manual certification campaigns were another pain point, creating a time-consuming burden for managers and the identity team, as well as a process prone to error.
When Helsana had to replace the core application for health insurance management for all employees, they had reached the end of the road with their identity management tool. To get the proper investment for the next phase of their identity program, Lamparth and Grob educated the business on the importance of a state-of-the-art identity governance program and how their current and future requirements could be better met with other solutions. “We knew there was a better way and wanted our management and executive teams to see the efficiencies, cost savings and improvement to user experience we were missing out on. After demonstrating this, we won their support,” Lamparth shared. In 2017, SailPoint was selected as their partner for the next generation of their identity governance program.
The Start of Something Good
Lamparth and Grob set clear goals as they embarked on this new journey. It was important to migrate their existing processes to SailPoint as seamlessly as possible as to not disrupt the business. They agreed to a phased approach, tackling the program in key parts. This allowed them to manage risk and resources along the way and measure their success realistically to rinse and repeat in future phases. They also wanted certification campaign processes to be automated and simplified, which would increase certifier participation and adherence over time. “Our basic provisioning processes were in good shape and just needed to be optimized and migrated to SailPoint. Automating the certification program was the largest area of opportunity for the team,” Grob shared.
An important application at Helsana is their new Swiss Health Platform (SHP). Lamparth and Grob prioritized provisioning access to this via SailPoint to help optimize and secure the data associated with this application. “Establishing a trusted connection with SailPoint and the Swiss health platform was crucial to our business. The organization cannot operate without granting proper access and securing it,” Grob shared.
Manager certification of roles is their next area of focus. Previously, these were manually managed which took an exorbitant amount of time. Getting manager support and follow through is easier when you build a process that is user-friendly. “Regulations drive our business and operations and we need our employees to help demonstrate our compliance. Enabling them with tools and processes that make their lives easier helps everyone achieve their goals,” Lamparth shared.
Ensuring segregation-of-duties has also been a major focus. “Health insurers hold a lot of customer data that can be comprised. If you expose the sensitive nature of this data, it can ruin your business. To manage the delicate nature of this data, SailPoint is helping us share it on a need-to-know basis. This gives us piece of mind and allows us to provide exceptional customer service,” Grob shared.
“SailPoint has provided us the flexible platform we needed to propel the business forward. With proper governance measures in place, we are more confident in our ability to secure the organization,” Lamparth concluded.