How Athenahealth EHR Built a Safe and Scalable Healthcare Ecosystem

Athenahealth successfully leverages technology to break down obstacles in the healthcare system, as evidenced by the fact that it is utilized by more than 40% of Americans. The firm, which began as a women’s health and birthing facility in 1997, has grown into an industry leader, providing cloud-based services to both clinicians and patients. 

athenahealth specializes in electronic health records, revenue cycle management, patient engagement, care coordination, and point-of-care mobile apps, all with the objective of assisting healthcare providers in providing better experiences. athenahealth has a massive presence in the United States, servicing 160,000 clinicians and 110 million patients through 8,000 distinct portals. 

“We’re constructing a healthcare ecosystem,” says Patrick Hursen, Director of Engineering at athenahealth. “As we began to extend what we were doing, we built new microservices and mobile applications, as well as mergers and acquisitions of some of our other apps. 

athenahealth EHR used various Okta Customer Identity Products, including Authentication, Authorization, User Management, Adaptive MFA, and B2B Integration, to provide the smooth and secure universal experience Hursen desired. DynamicScale was also used by athenahealth to guarantee an excellent user experience at all times, including during traffic surges. 

Based on top athenahealth EHR reviews, it’s safe to say that they’ve successfully integrated superior healthcare IT with scalable solutions. 

Meeting the ever-so-strict healthcare protocols  

The first step toward establishing a unified yet customized experience was to standardize identity across all portals so that neither patients nor providers needed to remember numerous identities or passwords to access information or services. 

Despite the fact that athenahealth has long been developing its own software, the business opted to collaborate with a partner to provide identity management for its whole ecosystem. Being in the healthcare industry entails adhering to stringent and complicated security procedures, such as HIPAA compliance. 

“You believe identity is an easy thing,” Hursen adds. “However, when you consider how it needs to connect into all of the other operations, it becomes rather complicated. We wanted to focus on healthcare rather than security and building new MFA solutions. Therefore, we collaborated with Okta experts.” 

Building a Strong Foundation 

athenahealth wanted to expand even further, but it needed to develop a solid brand and technology foundation on which to build, adapt, and scale. In addition, the company needed to plan for more customers, security issues, legislation, product integrations, and even acquisitions. 

 The best authentication platform for the task was Okta’s architecture, which was secure and compliant straight out of the box. Hursen emphasizes the relevance of Okta’s APIs’ breadth and utility. 

 “Okta had the overall architecture that allowed us to define how we wanted our users or services to behave. And that allowed us to begin constructing iteratively.” 

Creating a universal login for all of Athenahealth Alternatives applications were part of the developing process. However, creating a single login that would appropriately manage password flow, sessions, and token passing was a massive job. Hursen and his colleagues realized they had a completely customized solution sitting in front of them. 

“That’s when we started looking at the Okta sign-in widget. And we discovered that open-source code had 75 percent, if not the majority, of what we required, and that we could go quicker by adopting it and modifying it.” 


Hursen and his team began athenahealth’s Okta deployment by connecting services and then testing a few use cases with a limited number of users. Then it was time to make the new Okta-powered patient portal available to the public. 

“What was a bit terrifying about this journey was knowing that once we published this entire huge event, we’d have millions of people on Day One,” Hursen adds. “The wonderful thing was that it was predictable. We knew what we were going to get once we turned it on. Along the process, we were able to conduct a lot of planning and testing.” 

As the launch approached, the Okta Customer Success team collaborated with athenahealth to prepare for the immediate scale-up, guard against fraudulent or unauthorized traffic, and establish rate limitations for each API. 

“They assisted us in calculating what we believed we’d need and developing a mechanism for rapidly increasing that if we noticed spikes or unanticipated things,” Hursen adds. “We also had a war room built up with Okta where we could immediately communicate, pivot, and update as we completed that rollout over a few weeks.” 

Telehealth During COVID-19 & Beyond 

Because athenahealth had previously established a solid identity foundation with Okta, the organization was well-positioned to succeed when COVID-19 arrived. Hursen’s team members could already work remotely—his productivity actually increased during the pandemic—and Hursen was able to onboard the whole team remotely. 

Hursen and his colleagues have long planned to include telehealth within the business. This year, those plans went from the back burner to the front burner. Because Okta infrastructure was already in place, creating, deploying, and scaling out a telehealth application became a reality. 

“We were able to swiftly get teams involved across our multiple divisions, including a couple of my teams,” he adds, “to quickly create a telehealth application on the physician and patient side.” “We were able to proceed from general conception to alpha in six weeks, and then to beta in five or six weeks.” 

You can also request the athenahealth EHR demo by clicking here. Or request athenahealth EHR pricing from here. 


“When we looked at a few [identity management] rivals, one of the most important aspects was Okta’s continuous commitment to uptime dependability and stability,” Hursen adds. “The fact that we don’t have to worry about those things ourselves—not having to perform support or fixes on our systems—has allowed us to focus and go back to innovating.” 


To help offer the seamless and safe universal experience Hursen sought, athenahealth deployed a variety of Okta Customer Identity Products, including Authentication, Authorization, User Management, Adaptive MFA, and B2B Integration. Athenahealth also employed DynamicScale to ensure a good user experience at all times, especially during traffic surges. 

To learn more about how athenahealth used Okta to build scalable apps and a seamless user experience, check out athenahealth’s webinar.