UVA Health uses Ivanti to help providers, patients, and families stay connected

The University of Virginia Health System (UVA) is an academic healthcare center associated with the University of Virginia in Charlottesville. UVA Health includes a hospital, level I trauma center, nationally recognized cancer and heart centers, and primary and specialty clinics throughout central Virginia. The UVA Health System's patient care, research, and medical education branches frequently receive high marks from several ranking systems. In 2016 and 2017, U.S. News & World Report ranked UVA as the number one hospital in Virginia.

All of UVA’s healthcare providers, including doctors, nurses, and caregivers make every effort to deliver high-quality clinical care in the safest environment. As a leading-edge healthcare facility, UVA relies heavily on mobile devices, apps, and data, which they’ve securely managed with MobileIron acquired by Ivanti, since 2012. The medical side of UVA now manages nearly 10,000 corporate and employee-owned iOS, macOS, and Android devices with Ivanti’s unified endpoint management (UEM) platform. From enabling secure email and communication in the beginning, to rolling out the Epic healthcare platform on mobile devices, Ivanti has enabled UVA to continuously meet the demand for greater mobile productivity and exceptional care.


iOS Management
macOS Management
Android Management

Over the years, UVA has relied on Ivanti to greatly expand mobile enablement across the entire medical department — all with just a single IT administrator for much of that time. Back in 2012, UVA initially rolled out 120 iPhone 4s devices to nurses to ensure they could securely access and share patient information without putting compliance at risk. With just one admin, the organization scaled to support 7,500 devices before needing additional IT support in key areas. Because Ivanti’s unified management console provides complete visibility and automates many routine tasks across the mobile infrastructure, IT departments can easily onboard and manage more devices with fewer staff. Today, UVA securely manages thousands of devices for every medical employee and department including nurses, doctors, pharmacists, physical therapists, telehealth specialists, clinic workers, and more.

Everyone from doctors and pharmacists to physical therapists saw that mobile devices weren’t just for email anymore. They were full-blown computing devices they could use to take photos and access and update records through Epic in order to manage patient care. Pretty soon we were leaving the legacy devices behind us. Now we can just automatically push apps and configurations, and there’s nothing for the user to do. That’s what our goal has always been.

Ivanti enables secure patient communication on macOS and iPads

For the next phase, UVA wanted to support macOS due to the rising demand from its employees. Initially, the IT team deployed Jamf as a solution for managing the department’s Macs, but quickly moved away from it to use MobileIron acquired by Ivanti because its solution better met UVA’s requirements.

“The UVA medical organization was starting to see a user-driven transition from Windows to Mac and we needed a way to manage all of these devices,” said Thompson. “We initially deployed Jamf to manage our macOS endpoints, but it just didn’t fit with our environment or scale the way we needed it to. That’s when we decided to roll everything 100 percent into Ivanti, including macOS, iOS, and Android.”

By using the Ivanti platform to manage all of its multi-OS devices, UVA has enabled tremendous advantages in collaboration and patient communication. In the era of COVID-19, radical changes in healthcare operations have forced UVA staff to innovate on the fly. Across the board, UVA doctors, nurses, and administrative staff have relied even more on mobile technology to securely access critical data and applications wherever and whenever they need it — whether in the hospital or working from home. This is also true as family hospital visits have been strictly curtailed.

For example, the UVA team has securely configured Macbooks with Tunnel so users can securely and instantly connect to healthcare apps and patient data wherever they work — without experiencing connectivity delays or security issues. Prior to using Tunnel, a user would have to launch a VPN app and have a token number generated in order to connect to the network. The device and operating system would have to be in compliance with antivirus and other security policies, but with Tunnel, only a single application connects to the network, not the device and OS. This enables doctors to securely access patient medical records through the Epic healthcare app on their phones or tablets. Since the apps are continuously connected to the network, there’s no need to download patient data to the device. As a result, Tunnel makes it easy for users to access and update the content they need as soon as they open the application, no matter where they’re working.

“It’s critical that our employees are able to securely access the information they need to get their work done and setting up Tunnel on Macs provides users a seamless way to access their work,” said Thompson. “After updating one employee’s Mac with Tunnel, it was pretty cool to see her excitement when she realized all she had to do was simply open the app to gain secure access to her work — no separate VPN login required. She said it was like magic.”

Key Benefits

Enable seamless collaboration and improve patient care.
Instantly access secure healthcare apps on Macs without a VPN.
Support patient comunication with secure tablets.

Helping families stay connected in the era of COVID-19

To help families stay connected when they cannot visit loved ones in the hospital, UVA created an innovative solution enabled by Ivanti. Because many consumer videoconferencing apps did not meet HIPAA compliance requirements, UVA needed a solution that would protect patient information during and after the video call. To meet these requirements, Ivanti and Ground Control enabled UVA to deploy iPads configured with Skype and a free texting app, which protected the confidentiality of private phone numbers and blocked outside callbacks to the device. Additionally, the combination of both solutions enables non-technical staff to quickly re-provision devices after calls between family members and patients. This wipes confidential healthcare information from the device to protect patient privacy and support HIPAA compliance.

This solution was a tremendous help to many anguished families. In one case, a family who lived outside of the United States was unable to visit due to COVID-19 quarantine measures. Instead, they were all able to gather around the computer screen in their home country and sing songs to their loved one who was unable to speak but could hear them through the iPad nurses set at the bedside.

UVA also deploys iPads secured by Ivanti to their clinics around the state. With Ivanti, these devices can be automatically configured with critical apps that enable communication between doctors, nurses, and patients who are hearing impaired or need translation services. These clinics use iPad Pros to instantly connect with an interpreter right on the screen.

“With iPad Pros and Ivanti, it’s so much easier and faster to provide these translation services to clinics,” said Thompson. “We’ve gone from having just a couple of kiosks to deploying multiple iPads in each clinic. We can even enable providers to access these services directly from their phones whenever they need it.”

After updating one employee's Mac Tunnel, it was pretty cool to see her excitement when she realized that all she had to do was simply open the app to gain secure access to her work – no separate VPN login required. She said it was like magic.

Looking ahead: Expanding multi-OS support to Android Enterprise

In an effort to expand its multi-OS options, UVA is looking to add support for other operating systems. Because nearly half of the devices healthcare providers use are BYOD, the IT team at the UVA medical branch wants to ensure users can access critical apps and data using the native device experience that works best for them.