A KP Manager's resource: The secure, SOX- Compliant way to create and manage National User ID (NUID) information.

Introduction to KP Identity Manager Self Service

What's new in KP Identity Manager Self Service?

Kaiser Permanente employs tens of thousands of employees who require access to KP’s computing resources to perform their jobs.  Accurately maintaining the identity information of the workforce is a large task,  but it is critical to safeguarding KP's computing systems and information assets.

KP Identity Manager (KPIM) Self Service is a web application that facilitates

  • The initial capture of accurate identity data of all KP workforce members
  • The ongoing maintenance of KP Contingent Workforce identity data, including contingent  workers’ employment status
  • Use of identity data in user provisioning and deprovisioning activities
Hiring Managers must support KP's security and compliance objectives. When onboarding a new employee or contingent worker, the hiring manager needs to establish the worker's identity in order to obtain a National User ID (NUID). An NUID is the KP Standard User ID that must be obtained to get access to the KP network, Lotus Notes, RACF, KPHealthConnect and many other applications.

Until now, Hiring Managers have not had adequate mechanisms or tools to assist with their compliance responsibilities in regard to managing workforce identities. KPIM Self Service provides that tool.  The previous less secure and noncompliant mechanisms for requesting NUID will be retired.  The multiple ad hoc identity creation channels like; phone calls to the National Help Desk, faxes, KPQuickstart, local tools, and emails are being consolidated into a single channel through KPIM Self Service.  If you are a manager (or delegate) who currently onboards workforce employees and uses one or more of the current mechanisms for requesting NUID, read on and learn more about how KP Identity Manager works, how you will interact with it, and how it will better support you in your responsibility to manage your workforce identities.


New Items in KP Identity Manager

Request Lotus Notes Account- KPIM v5.4 provides functionality where users can request Lotus Notes accounts for all users with identity created in KPIM.  

Request Remote Access- KPIM v5.4 provides functionality where users can request remote access accounts for all users with identities created in KPIM.  All requests require approvals from a manager. 

Approvals- Recent audits have alerted us to the need for relevant approvals to be captured and logged for each Identity request and update. KPIM Self Service has built in workflow that will ask the approvers, that you identify, to log into the system and either approve or reject your request. 

Self Approval- If the approval request for a particular screen would normally be routed to you—that is, you are the KP Sponsor, the Cost Center Manager, or the HR Recruiter for the request you are entering—you may enter your own name as the relevant approver. Instead of being requested to approve the request you entered, the system will log an automatic approval from you at the time the request is submitted.

Automatic Reminder of Approaching End (Termination) Dates – Along with approvals, recent audits also have alerted us to the need to enforce a Projected End Date for non-Employee Identities / NUIDs. You will notice on the Create CW Identity screen, both a KP Sponsor and a Projected End Date are required.  One reason for this is that KPIM will automatically terminate the identity of each Contingent Worker when his or her Projected End Date passes, unless modify the projected end date of that the person.  To prevent un-intended disabling of Contingent Worker’s accounts, KPIM Self Service will send warning emails to both the KP Sponsor and the Contingent Worker as the End Date approaches.  See the Recertification topic for more information.

Back to top