Netskope & Imprivata link zero trust for clinicians

Netskope has integrated Imprivata Enterprise Access Management with the Netskope One platform, linking Imprivata's workstation sign-in controls with Netskope's Zero Trust Engine for healthcare organisations.

The integration targets shared clinical workstations and access to cloud and web applications. Healthcare providers often rely on shared devices across wards and clinics, which increases security and audit demands because multiple users may use the same endpoint during a shift.

Imprivata Enterprise Access Management is used in healthcare for passwordless access and fast user switching on shared workstations, including proximity badges and biometric sign-in. Netskope One provides security policy controls across cloud, SaaS, web, and private applications. Its Zero Trust Engine makes access decisions based on context and risk signals.

Identity context

The integration feeds Imprivata's user identity context into Netskope's policy enforcement. The goal is to map actions on shared workstations to individual users more precisely than a basic operating system login and to give security teams more data when investigating activity involving regulated information.

After a clinician authenticates at a workstation, the combined system can apply a personalised security profile that follows the user across devices and locations, including cloud and web activity. The focus is Protected Health Information, which carries strict handling and reporting obligations in many jurisdictions.

In the United States, healthcare organisations often align controls with HIPAA and HITECH requirements, including auditability and minimum necessary access. The integration is intended to improve visibility into user actions and strengthen audit trails for shared-device use, a recurring gap in hospital security programmes where staff rotate frequently across terminals.

AI workflows

The announcement also ties the integration to the growing use of AI services in clinical and administrative workflows. Providers increasingly use APIs and cloud tools for tasks such as drafting documentation and summarising reports, which can expand the destinations where sensitive data is copied or processed.

Netskope highlighted the risk of "Shadow AI", where staff use unapproved AI services or features outside formal governance. It also pointed to the challenge of correlating activity across human and non-human identities, including service accounts and automated workflows, arguing that older tools struggle to connect identity, data movement, and policy violations across multiple systems.

Netskope cited data from its Netskope Threat Labs Report: Healthcare 2026, reporting that 89% of healthcare data policy violations involve regulated data-higher than the global average across other industries.

Renown Health, a US healthcare provider, is referenced as a user that expects operational and security benefits from the combined approach.

"AI is transforming clinical decision-making, but it also introduces new data risks, from Shadow AI to sophisticated ransomware," said Steven Ramirez, Chief Security & Technology Officer at Renown Health. "By combining Imprivata's access management platform with Netskope's AI-powered, identity-aware zero trust architecture, we gain real-time visibility across shared workstations and cloud applications. This lets us enforce role-based access, reduce implicit trust, and automate threat response, strengthening PHI protection and operational resilience without slowing clinicians down."

Workstation controls

Imprivata said its "tap-and-go" approach remains central for clinicians who need rapid access to records and applications. The integration links each sign-in event to Netskope policy enforcement for data protection and threat controls.

"In healthcare, security must move at the speed of life-critical care. By integrating Imprivata Enterprise Access Management with the Netskope Zero Trust Engine, healthcare organisations can secure the last mile of the clinical workflow on shared workstations while bridging the gap between clinical agility and uncompromising data protection," said Chip Hughes, Chief Product Officer at Imprivata. "Healthcare professionals can continue to leverage the tap-and-go model to access patient records instantly, while Netskope works behind the scenes to apply precision, role-based policies that help stop ransomware and protect PHI."

The companies outlined several operational scenarios, including real-time threat protection for each session on shared clinical workstations; compliance and investigation support through user-level audit trails; and data loss prevention policies mapped to job roles, enforced across cloud and web traffic.

Imprivata said its Enterprise Access Management platform has expanded to include passwordless authentication, identity verification, risk signalling, and behavioural analytics. It also cited its "2026 Best in KLAS for Access Management" designation.

Availability

The integration is available to Imprivata customers that deploy the Netskope One Client. The companies described it as a SaaS-to-SaaS integration, indicating it is designed to work across cloud-delivered services rather than relying on bespoke on-premises connectors.

David Willis, Vice President of Technology Alliances at Netskope, said the release is an early step in broader collaboration.

"Today's healthcare environments require an AI-ready approach to preserving patient safety by protecting data and preventing security incidents," he said. "Our integration with Imprivata enables fast and efficient clinical care while enforcing the strict zero trust principles required to defend against criminal activities and adhere to strict compliance requirements. This milestone is just the beginning of a strategic collaboration aimed at redefining secure identity and access across the healthcare IT stack."