Basanta
Basanta
 
Khanal
Khanal

Menu

Close

Identity & Access Management (IAM)
Modernizing Blue Shield’s legacy IAM system through SSO, Ping Federation, MFA, identity proofing, and consent management to enable secure, seamless, and HIPAA/CCPA-compliant user journeys.
React
Rest
Confluence
MSsuite
Swagger
Figma
Miro
Image of Identity & Access Management (IAM)

Client: Blueshield

Industry: Health Insurance & Cybersecurity

The Challenge

  • Legacy authentication systems lacked security and scalability for modern healthcare applications
  • Inconsistent login, password recovery, and registration flows led to poor UX/security vulnerabilities
  • Regulatory requirements mandated stronger identity verification and MFA capabilities

Objective: Modernize IAM by implementing secure, seamless authentication experiences (MFA, consent management, identity proofing).

My Role as Product Manager

  • ✔ Led end-to-end product lifecycle - market research, user interviews, and requirement definition
  • ✔ Developed product specifications, roadmap, PI objectives, and OKRs aligning business/technical needs
  • ✔ Coordinated cross-functional teams through architectural design, sprint refinements, and complex IAM delivery
  • ✔ Oversaw creation of Gherkin Acceptance Criteria user stories with Product Owners/System Analysts
  • ✔ Collaborated with UX teams to design intuitive authentication flows (ID/VD/UI Kit)
  • ✔ Drove backlog prioritization for continuous delivery of secure, scalable solutions
  • ✔ Managed UAT phases, post-production support, and stakeholder communications

Key Features & Solutions

Modernized IAM Platform

  • Multi-Factor Authentication (MFA) implementation
  • Consent management for regulatory compliance
  • Identity proofing for robust user verification

Seamless Login & Registration Flow

  • Redesigned user-friendly authentication experiences
  • Passwordless options and auto-recovery features

Cross-Platform Integration

  • Enterprise application/API integration
  • Unified authentication across web/mobile

Automated User Management

  • Centralized identity lifecycle management
  • Standardized authentication workflows

Impact & Results

  • 50% faster login/registration → Reduced support tickets
  • 100% compliance → Met HIPAA/CCPA requirements
  • 30% adoption increase → Enhanced UX drove engagement
  • 80% faster feature rollout → Scalable IAM framework

Key Takeaways

  • Security-first design protects sensitive health data
  • Frictionless UX drives system adoption
  • Modular architecture enables future integrations
  • Continuous compliance monitoring ensures audit readiness