Sean Kelly is Chief Medical Officer and head of healthcare strategy at Imprivata – the digital identity company providing simple and secure access for the healthcare industry.
Imprivata enables organisations in over 45 countries to fully manage and secure all enterprise and third-party digital identities by establishing trust between people, technology and information.
Here, we learn about the challenge of balancing security with accessibility and the company’s aims for the rest of 2025 and beyond.
A common complaint among healthcare professionals is that innovation is often driven by tech companies with little understanding of frontline challenges.
Smart, tech-savvy teams develop solutions to perceived problems without fully grasping the challenge of integrating those solutions into real-world healthcare settings.
Emergency physician Kelly is more than familiar with this problem.
He says: “For clinicians, it’s not about technology for technology’s sake. It’s about how tech enables us to get back to the core of patient care.
“I’m passionate about bringing consumer-grade technology into healthcare workflows.
“These environments are complex, and we need tools that match that complexity—tools as powerful and reliable as a stethoscope or an ultrasound.
“We shouldn’t have to accept subpar tech when the stakes are so high.”
The stakes are especially high when it comes to cybersecurity.
Sean Kelly
Healthcare is a major target for hackers and bad actors, with the NHS sustaining numerous ransomware attacks over the past few years.
Just last month, Advanced Computer Software Group was fined £3m by the Information Commissioner’s Office (ICO) over security failings that led to a ransomware attack on the NHS.
It’s an ever-evolving industry, with Imprivata very much on the front line.
But do strict cybersecurity safeguards have a negative impact on user experience? How is it possible to balance the two?
Kelly says: “We reject the outdated belief that you must choose between security and user experience.
“Our platform aims to deliver both— easy for clinicians while giving IT teams the dependable, secure infrastructure they need.
“We secure every digital endpoint, and because we understand identity, we can offer adaptive access: easy for the right people, impossible for bad actors.”
Third party breaches are one of two big cybersecurity threats facing healthcare today, Kelly says. The other is mobile devices.
While mobiles can be invaluable tools on the frontline of healthcare, they do present a new attack vector for Imprivata to manage.
Kelly says: “Mobile devices enable more agile, patient-centred care.
“Nurses and therapists can do vital sign monitoring, medication administration and documentation directly at the bedside. It’s faster, better for patients, and improves compliance. But shared devices must be secure.
“With our platform, we can enforce biometric logins, manage battery health, and ensure each device is properly wiped before it’s reassigned.
“It also saves money—shared devices reduce total purchases by up to 50 per cent, and tracking minimises loss. One hospital reduced device loss from over 20 per cent annually to under 1 per cent, saving millions.”
Imprivata is not the only company working in the mobile device management space. So what makes it different?
Most other solutions focus on a one device per user model, Kelly says. However, Imprivata’s is built for a shared enterprise mobile environment.
Imprivata Enterprise Access Management (formerly OneSign), for example, eliminates the need for generic logins at shared workstations, keeping applications running “hot” while optimising workflows to save clinicians time and enhance workstation security.
The system integrates with existing mobile device management tools, complementing rather than replacing them, and adds an extra, robust identity layer.
Imprivata will continue to build on its multi-layered approach to security throughout the remainder of 2025 and into 2026.
Kelly says: “We’re focused on modernising multi-factor authentication.
“Today’s “MFA”—a long password and OTP token—isn’t enough.
“We’re advancing passwordless approaches using facial biometrics, trusted devices, and adaptive authentication.
“For example, if a doctor’s behaviour is consistent and predictable, we minimise friction.
“But if anomalies appear—like login attempts from multiple locations—we ramp up the security.
“It’s about securing systems and making them easier to use.”
