In a Code Blue, Nobody Stops to Authenticate

Your hospital spent millions on zero-trust architecture. Your nurses are sharing passwords. Both of these facts are entirely rational, and that's the problem.

Aman Khanna
Last Updated:
May 5, 2026

Picture the scenario. A patient flatlines in Bay 4. A nurse sprints to the crash cart. She needs the defibrillator settings, the patient's medication history, and the allergy flags. She needs them in the next forty seconds, not the next four minutes. Her login session timed out. The EHR is asking for a password, and the MFA prompt is waiting on a phone that's sitting in a locker.

What does she do? She does what any rational human being would do. She uses the shared departmental credentials taped inside the supply cabinet.

This isn't a compliance failure or a training problem. This is your authentication system working exactly as designed, and that design was never built for a hospital floor.

Friction that protects a banking app will kill someone in an emergency department. Those are not the same environment, and we keep pretending they are.

The cost isn't theoretical. It compounds every shift.

Healthcare CIOs are caught between two legitimate, irreconcilable pressures. On one side: regulators, auditors, and cyber insurers demanding stronger identity controls, longer session policies, and multi-factor everything. On the other: clinical staff who need frictionless access to patient data at the speed of care, not at the speed of IT policy.

The result is a hidden tax paid in workarounds, password lists in pockets, shared credentials on sticky notes, and sessions left open on shared terminals "just in case." Every one of these is a rational response to an irrational demand, and every one is a security and safety liability.

  • 45s: average time lost per login in high-acuity settings
  • 70%: clinical staff who bypass auth controls under time pressure
  • More password sharing in ICUs than in general wards

The numbers above are uncomfortable, but they're not surprising to anyone who has spent time on a hospital floor. The harder truth is that the clinicians doing this aren't bad actors. They are good clinicians making the only reasonable choice available to them in the moment.

Zero-trust was built for enterprises, not emergencies

Zero-trust is a sound framework. Never trust, always verify. Assume breach, limit lateral movement. In a corporate environment where the consequences of over-trust are financial and reputational, this architecture makes complete sense. Healthcare adopted zero-trust frameworks that were never designed for shared, transient identity environments. The healthcare environment breaks several of zero-trust's foundational assumptions. It assumes the "user" is a consistent, single person at a desk. It assumes there is time to verify. It assumes the cost of friction is an inconvenience. In a trauma bay, none of those things is true.

The clinical reality is that access patterns are erratic by design. A surgeon in the OR needs chart access that was never anticipated in the session policy. A rapid response team arrives and needs immediate visibility into a patient they've never treated. A pharmacist is called to override an alert at 3 am on a unit they don't normally cover. These aren't edge cases. This is just an ordinary day.

Scenario            | What policy demands                         | What clinicians actually do
--------------------|---------------------------------------------|------------------------------------------------
Code Blue response  | Re-authenticate, MFA, access request        | Use shared credentials or break-glass
Cross-unit coverage | Submit access request, wait for approval    | Borrow a colleague's logged-in session
Overnight on-call   | Session timeout every 15 min                | Disable screensaver, leave session open
Emergency override  | Multi-step break-glass, supervisor call     | Use break-glass; then no one logs the reason

Look at the right column. Every one of those behaviors is a security event. And every one was caused by the left column. When you design authentication that cannot survive clinical reality, you don't get compliance; you get creative non-compliance, invisible to your audit logs.

Context-aware identity isn't a compromise. It's the actual solution.

The answer isn't to relax security. It's to build security that understands context. A nurse running a code blue has a fundamentally different risk profile than someone logging in from an unrecognized device in Minsk. Your identity system should know the difference and behave accordingly.

Modern continuous authentication can do this. Passive biometrics, proximity tokens, badge-tap workflows, and behavioral baselines can verify identity faster than a password prompt and with far more confidence. They can escalate friction only when risk signals warrant it: an unfamiliar location, an anomalous access pattern, or a role accessing data outside its normal scope.

This is where the CIO conversation needs to shift. The question is no longer "how do we enforce stronger authentication?" The question is "how do we make the secure path the fast path?" Because right now, in most hospitals, those two paths point in opposite directions.

Three questions every healthcare CIO should be asking today.

1. Where is your break-glass actually being used?

Break-glass access exists for emergencies. If it's being triggered dozens of times a shift on a single unit, it's not being used for emergencies; it's your authentication workaround. That's a signal your baseline access controls are calibrated wrong for that environment.
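The review this question calls for, written as an added example (not code from the post or from OLOID): it reads a constructed break-glass audit export, counts overrides per unit per shift, and flags units where the override has become the routine login path, along with overrides recorded with no reason. The log format, the 07:00/19:00 shift boundaries and the threshold are assumptions.

```python
"""Break-glass usage review over EHR audit events (added example, not OLOID code).

Flags units where the emergency override fires so often per shift that it has
become the everyday workaround, plus overrides logged with no reason.
"""
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample audit lines (assumed format; real EHR exports differ).
SAMPLE_LOG = """\
2026-05-04T07:05:12 BREAK_GLASS user=rn_alvarez unit=ICU-3 reason=
2026-05-04T07:09:40 BREAK_GLASS user=rn_alvarez unit=ICU-3 reason=
2026-05-04T07:31:03 BREAK_GLASS user=rn_chen unit=ICU-3 reason=
2026-05-04T08:02:55 BREAK_GLASS user=rn_chen unit=ICU-3 reason=
2026-05-04T09:14:27 BREAK_GLASS user=md_patel unit=ED reason=code_blue_bay4
2026-05-04T19:20:11 BREAK_GLASS user=rn_kim unit=ICU-3 reason=
2026-05-04T21:45:09 LOGIN user=rn_kim unit=ICU-3 reason=
"""

def parse_events(text):
    """Turn 'timestamp EVENT key=value ...' lines into dicts."""
    events = []
    for line in text.splitlines():
        ts, event, *fields = line.split()
        kv = dict(f.split("=", 1) for f in fields)   # 'reason=' -> ''
        events.append({"ts": datetime.fromisoformat(ts), "event": event, **kv})
    return events

def shift_key(ts):
    """(date, 'day'|'night'); a 02:00 event belongs to the previous day's night shift."""
    if 7 <= ts.hour < 19:
        return (ts.date().isoformat(), "day")
    start = ts if ts.hour >= 19 else ts - timedelta(days=1)
    return (start.date().isoformat(), "night")

def review_break_glass(events, per_shift_threshold=3):
    """Return units/shifts over the threshold and overrides lacking a reason."""
    counts = defaultdict(int)
    missing_reason = []
    for e in events:
        if e["event"] != "BREAK_GLASS":
            continue
        counts[(e["unit"],) + shift_key(e["ts"])] += 1
        if not e.get("reason"):
            missing_reason.append((e["ts"].isoformat(), e["user"], e["unit"]))
    hotspots = {k: n for k, n in counts.items() if n >= per_shift_threshold}
    return {"hotspots": hotspots, "missing_reason": missing_reason}

if __name__ == "__main__":
    print(review_break_glass(parse_events(SAMPLE_LOG)))
```

A unit that shows up in `hotspots` shift after shift is the calibration signal the question describes; the `missing_reason` list is the audit gap from the last table row.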

2. What does your session timeout policy cost in clinical time?

Map it. A 15-minute timeout across 200 nursing staff is not a neutral security decision; it's a decision to spend clinical hours on re-authentication every day. Quantify that cost. It belongs in the same conversation as your breach risk calculation.

3. When did you last walk a shift with clinical staff?

The gap between what your IAM policies say and what actually happens at 2 am is real. It lives in the space between your security architecture and your operational reality. You cannot close that gap from a conference room.

The Code Blue scenario plays out in some form in nearly every hospital, every day. Authentication friction is not a nuisance that clinical staff need to learn to tolerate. It is an active obstacle to care, and in the wrong moment, it is a patient safety issue with your name on it.

The technology to fix this exists. The harder work is organizational: accepting that security policy designed without clinical input is not security policy, it's security theater with dangerous side effects. The path forward requires CIOs and CMIOs in the same room, designing identity systems that serve both constituencies without sacrificing either. That conversation is overdue.

What a system designed for a Code Blue actually looks like

If authentication is going to work in a clinical environment, it has to follow a different set of rules.

  • It cannot assume time. It cannot assume a single user at a single device. And it cannot rely on perfect human behavior in imperfect, high-pressure moments. Identity has to move at the speed of care. That means access happens in under a second, without interrupting the clinician. 
  • It means the system recognizes who someone is based on what they carry, how they interact, and where they are, not just what they type. It means the session is tied to the individual and follows them across shared workstations, instead of forcing repeated logins that break clinical flow.
  • It also means verification does not stop at login. Identity is continuously validated in the background, adapting in real time if context changes. When risk increases, controls step up. When urgency increases, friction steps out of the way.
  • And critically, it means every action is still attributable to a verified individual, not a shared account. Not a generic login; a real person, in a real moment, with a defensible audit trail.

This is not a tradeoff between security and speed. It is a different model of security entirely, one where the secure path is also the fastest.
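To make the context-aware model from the previous sections and the four rules above concrete, here is an added example (not OLOID's code and not any real product's API): a policy function that lets passive signals establish who is present, steps up only on risk signals, removes friction during an active Code Blue for the expected cross-unit access, and binds one roaming session to the individual so every decision is attributable. The signal names, weights and workstation identifiers are assumptions.

```python
"""Context-aware access decision plus per-person session binding for a shared
EHR workstation (added example; not OLOID's code or a real product API)."""
from dataclasses import dataclass

ALLOW, STEP_UP, DENY = "allow", "step_up", "deny"

@dataclass
class AccessContext:
    user: str
    role: str
    workstation: str
    patient_unit: str
    home_units: frozenset        # units this person normally covers
    badge_tapped: bool           # badge presented at this workstation
    known_device: bool           # workstation is enrolled and recognized
    code_blue_active: bool = False
    anomalous_pattern: bool = False

def risk_signals(ctx):
    """The signals the post names: unfamiliar device, out-of-scope data, anomaly."""
    signals = []
    if not ctx.known_device:
        signals.append("unknown_device")
    if ctx.patient_unit not in ctx.home_units:
        signals.append("outside_scope")
    if ctx.anomalous_pattern:
        signals.append("anomalous_pattern")
    return signals

def decide(ctx):
    """Return (decision, audit_record). Every record names an individual."""
    signals = risk_signals(ctx)
    if not ctx.badge_tapped and not ctx.known_device:
        decision = DENY          # nothing ties this session to a person
    elif ctx.code_blue_active and ctx.badge_tapped:
        # Emergency: crossing unit scope is expected; other signals still step up.
        decision = STEP_UP if [s for s in signals if s != "outside_scope"] else ALLOW
    elif signals:
        decision = STEP_UP
    else:
        decision = ALLOW
    audit = {"user": ctx.user, "role": ctx.role, "workstation": ctx.workstation,
             "unit": ctx.patient_unit, "decision": decision, "signals": signals,
             "emergency": ctx.code_blue_active}
    return decision, audit

_sessions = {}   # one session per person, re-bound on each badge tap

def bind_session(ctx):
    """Allowed access moves the person's session to this workstation."""
    decision, audit = decide(ctx)
    if decision == ALLOW:
        _sessions[ctx.user] = ctx.workstation
    return decision, _sessions.get(ctx.user), audit
```

The shared-credential case from the Code Blue scenario maps to the DENY branch: with no badge and no enrolled device there is no individual to attribute the session to, which is exactly what the fourth rule forbids.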

OLOID is built around this model. By combining badge-based access, continuous identity verification, and context-aware controls, OLOID aligns authentication with how clinical work actually happens, not how policy assumes it should happen.

The result is straightforward.

Break-glass returns to being what it was meant to be: rare. 

Shared credentials disappear from daily workflows, session timeouts stop interfering with care, and audit logs begin to reflect reality, not workarounds.

If your current IAM system cannot operate in the middle of a Code Blue without being bypassed, it is not failing at the edges. It is failing at the core. And that is where the redesign needs to start.

OLOID doesn't ask clinical staff to choose between security and speed. It removes that choice entirely because it was never a choice they should have been asked to make. If your authentication model cannot survive a Code Blue, it is not secure. It is incomplete. 
