Description of how these justifications apply
Procuring OpenAthens is essential to ensuring continuous and secure access to NHS Wales re-resources which has been in place NHS Wales since 2003, the current OpenAthens contract is due to expire on 30th June 2025. OpenAthens, a trusted third-party authentication which has been fully integrated into NHS Wales infrastructure, now seamlessly working with the Entra directory system. This integration allows NHS Wales users to access resources without needing to log in repeatedly when on authorised devices, streamlining the user experience and reducing barriers to access.
The importance of maintaining this system is emphasised by the shift to remote working, which makes remote authentication capabilities more critical than ever. Without OpenAthens, NHS Wales risk losing the ability to support remote (off-site) access, severely impacting the e-Library users' ability to access resources off-site. Relying solely on IP-based authentication which is outdated and insecure, as it cannot reliably verify user identity and leaves NHS Wales vulnerable to security breaches.
OpenAthens ensures precise, department-specific access control, which IP authentication cannot provide.
Maintaining OpenAthens is justified by the need for secure, flexible, and remote access to NHS Wales resources, protecting both user security and operational continuity.