The differences and best application of Federated Identity verses Federated Search can sometimes be difficult to understand and apply. We have several customers who have come to us saying they just bought a Federated Identity platform to solve a business challenge when what they really needed was Federated Search. Federated Identity is useful in many situations; however, an enterprise truly needs to know what they are asking for and what they will get with Federated Identity.

The biggest challenge has come in the healthcare community where healthcare organizations join in health information exchanges (HIEs) or regional health information organizations (RHIOs). They buy into the federation strategy around identity, and then when they review the concept of operations with practitioners they find that they might not have done the right thing.

As a brief example — an ER practitioner at Hospital A who is providing care to a patient, Jane Smith, wants to see what other information is available on Jane Smith outside of Hospital A in the local HIE.

• With Federated Identity, the practitioner navigates to each of the other information repositories, shared or individual, and searches for information on Jane Smith. The practitioner does not have to log in or maintain credentials with those other data owners, since they accept the federated identity, but the practitioner still has to search uniquely across each platform.
  
• With Federated Search, the practitioner only authenticates to their local platform in their hospital. Based upon agreements with other data owners (through HIE or RHIO), the hospital search can be extended to other data sources. In this scenario, the external systems don't need credentials because the hospital is doing the search.

Now, the question of consent to see records and the HIPAA rules associated with that are, of course, a separate discussion. Federated Identity can help solve that question, but it is a more complex access management challenge.