By virtualising the medical staff’s IT environment and securing access to confidential data, the University hospital has succeeded in optimising patient care.

A multiple mission: Care, education and research

The Saint-Étienne University hospital is a centre of excellence in the Rhône-Alpes region. Equipped with a capacity of 2000 beds and 6700 healthcare professionals it has to respond to the needs that are characteristic of the healthcare sector and the Loire department.

As a centre of excellence in numerous disciplines, the Saint-Étienne University hospital provides a consultation function for other establishments in the region and promotes innovation and progress in diagnostic and therapeutic methods along with their dissemination through its partnership with the university and university colleges of the region. The hospital also provides local healthcare services for the Saint-Étienne area in conjunction with various participants under the framework of a healthcare network.

Optimising patient care

The hospital is committed to a large modernisation process that targets the optimisation of patient care. This resulted in the implementation of a new hospital IT system centred on the patient.

Implementation of our new hospital IT system presented us with a large dilemma: How to guarantee confidentiality of the patient medical files whilst facilitating access to the information contained within them? The two requirements appear to be contradictory. However, these files contain information crucial to the care of the patient and it is essential that they be available to a wide range of healthcare professionals (emergency, specialist, etc.) who might be involved in their treatment. In parallel, another question concerned the implementation of applications. Taking into account the diversity and number of workstations involved (3500 spread originally across 5 sites and eventually to be across 2 main sites), we needed to find a way to streamline the deployments whilst developing links with the technical platforms.

Jean-Christophe Bernadac, IT Systems Director for the Saint-Étienne University hospital

The approach taken by the hospital was based upon the work of the GMSIH (Groupement de Modernisation du Système d’Information Hospitalier: The Hospital Information Systems Modernisation Group) and the GIP-CPS (Groupement d’Intérêt Public – Carte de Professionnel de Santé: The Public Interest Group – Health professionals Card) on the confidentiality of personal medical data. The hospital chose a largely open patient file, enabling all healthcare professionals to access the file if they participate in the care of the patient. They were looking for a solution that relied on both traceability and responsibility. Having been using the CPS card for access and use of the time management application since 2005, the hospital naturally opted for a solution that made use of the CPS card for authentication.

Ilex International and Citrix take up the challenge

In response to this twin dilemma, the hospital’s Information Systems Department chose to combine two solutions from Ilex International (Sign&go Santé and Meibo) with the XenApp application delivery solution from Citrix.

Ilex International is a software provider specialising in Identity and Access management (IAM).Partner to most of the blue chip companies, today Ilex International is renowned for its expertise in enterprise repositories and Identity Federation. www.ilex-international.com

Citrix is the global leader in application delivery infrastructure. More than 215,000 organisations worldwide rely on Citrix to deliver any application to users anywhere with the best performance, highest security and lowest cost. www.citrix.com

Citrix enabled us to redesign our application server infrastructure and abandon the traditional client/server mode in preference to a centralised model based on the XenApp solution integrating a SSO function. Ilex International provided Sign&go Santé, the strong authentication solution based on the CPS card, and manages the repository infrastructure via a bridge between Meibo and Active-Directory. The virtualisation of applications combined with strong authentication enables the hospital’s workstations to be shared. Being individually assigned and protected by a PIN code, the CPS card guarantees the professional a rapid and secure access to their normal work environment, irrespective of which workstation they use to connect.

Jean-Christophe Bernadac


For instance, a healthcare professional inserts their CPS card in the nearest workstation’s card-reader. After entering the PIN code, they access a portal that presents them with all the applications to which they have access. Thanks to the Citrix XenApp’s SSO function, and for the duration of the session, there will be no further need to enter their PIN code in order to start an application. If the healthcare professional forgets their CPS card, they can connect with a username/password for a limited period with reduced rights and a log of activity is kept. In certain departments equipped with a dedicated application (emergency and, in the near future reanimation), the professionals access it as soon as authentication is completed. Session persistence on simple presentation of the CPS card satisfies the requirements of personnel mobility.

The system is simplicity itself and is instantaneous (less than 10 seconds). The CPS card must no longer be a constraint, but become a tool that is used to save time, time which is often precious.

Jean-Christophe Bernadac

The deployment of the new hospital IT system launched in October 2005 was completed in 2010. The server infrastructure has been replaced with the installation of new blade servers hosting the Citrix XenApp solution and the applications. The Ilex International servers are dedicated to security and provisioning of the user accounts. The whole system has built-in redundancy to ensure a rapid recovery in the case of failure.

Time saving, comfort, empowerment and continuity of service

After a year of operation, the Information Systems Department can underline the first benefits offered by the infrastructure.

On the one hand, our access policy totally respects the confidentiality imposed by the 15th May 2007 decree; in addition we save time by doing away with old administrative procedures which considerably held back the activities of temporary and shift personnel. The patients are the first beneficiaries of this evolution. In parallel, it has enabled us to mobilise and enlighten the personnel to the issues surrounding confidentiality and security. As of now, everyone can access the medical files under their own responsibility. This would have been impossible with a traditional password and, above all, incompatible with the confidentiality requirements governing our activities.

Jean-Christophe Bernadac

Thanks to a unique directory, a strong authentication system and a centralised architecture, the hospital has streamlined its activities whilst guaranteeing the operational availability of its applications and ensured quality of service and the respect of security constraints. Economies have been made thanks to the deployment of thin client workstations in departments where “single applications” are used and in the reduction of operations relating to maintenance. Certain processes have been considerably simplified, notably in terms of account opening and profile management, user rights are automatically linked to information contained in the CPS card.

Thanks to the streamlining of our IT processes, we are improving the quality of care for our patients. Our staff communicates and collaborates better, accesses information quicker and easier in complete transparency. We are progressing step by step and have migrated our patient administration management along with our activity log to Citrix XenApp. The system, which is particularly convivial, has been well received by the personnel and the conditions are right to offer higher performance services.

Jean-Christophe Bernadac

Key takeaways

The challenges

  • Guarantee the confidentiality of the medical files, whilst facilitating access to the information that they contain
  • Streamline the deployment of applications and simplify the IT maintenance

The solutions

  • Strong authentication: Sign&go Santé from Ilex International combined with CPS cardsƒ
  • Virtualisation and security: Citrix XenApp Platinum, SSOƒ
  • Directory administration: Meibo from Ilex International

The benefits

  • Security and confidentiality of the data
  • ƒSimplification of workstations, mobilityƒ
  • Time saving and increased productivity directly benefiting the patients
  • ƒSimplification of IT administration and cost economies