By John Callahan, Chief Technology Officer, Veridium
Our health information is some of the most sensitive and personal data we have, which also makes it a prime target for hackers. The National Healthcare Care Anti-Fraud Association estimates that health care fraud costs the nation about $68 billion annual – about three percent of the nation’s $2.26 trillion in healthcare spending. This number is only expected to grow as hackers grow even more sophisticated. Clearly, traditional methods of securing data – through passwords, PINs, and tokens – aren’t working. So, what are organizations to do?
Replacing passwords with biometrics – or, asking people to authenticate using what they are versus what they know - will ensure secure yet convenient access to health and insurance records, and provide true identity authentication so that only the patient, their doctor, and other authorized healthcare workers have access to them.
For example, a patient who is visiting the hospital for a surgical procedure will be seen by a variety of nurses and doctors throughout their stay. Their identity can be verified at each stage of their treatment using a biometric service to ensure that the correct person is being given the correct treatment. For starters, they can sign in using their fingerprint when they enter the hospital, notifying staff that they have arrived. Before surgery, a doctor can again use their fingerprint to verify their identity to confirm that they are indeed operating on the correct patient (after all, stranger things have happened!) and ensure the proper procedure is performed. Following their surgery, a nurse may use their fingerprint to quickly pull up their relevant medical records and verify their identity before administering pain medication. Furthermore, a biometric service can also be extended to work when the patient is released home and wants to access their medical records or needs to renew a prescription.
For healthcare workers, biometrics can provide a convenient and secure method to support accurate dispensing of prescription drugs and be used for logical authentication and physical access control. For example, a nurse may ask a patient for their fingerprint to confirm their identity before providing a heavy-dose of prescription medicine. A nurse may also use a biometric service to enter secured rooms, access confidential patient information, or use it as a way of identifying themselves as the nurse or doctor performing a procedure. By eliminating a password or PIN, patients, family, and hackers, can’t access restricted areas or information that they do not have permission to access. A biometric identity system that can combine physical and logical access control is a powerful proposition for hospitals and clinics as it is vital to ensure that authorized healthcare workers are able to access what they need to quickly, conveniently, and more importantly, securely.
When choosing to adopt biometrics, however, healthcare organizations must take into consideration the different physical requirements of both the area where they are being used and the restriction on people using them. For example, some areas within a hospital zones require clinicians to wear surgical gloves and masks, thereby prohibiting the use of fingerprint authentication. For these circumstances, eye-based biometric technologies are likely the better choice.
Biometric authentication, while it can prevent identity fraud, is also useful for much more. Other potential benefits of identifying patients through biometrics include:
- Reducing billing fraud: By using biometric authentication instead of paper insurance cards, it can deter dishonest providers from filing phantom claims, because a biometric scan offers proof of a patient’s physical presence at a health care facility.
- Improving the time it takes to react to medical emergencies: With biometric authentication, patients who are unconscious can still be quickly identified so that physicians can confidently treat them faster and accurately, knowing their past medial history.
- Improved patient experience: Patients can access their own health information simply by verifying themselves with a physical characteristic. Biometric authentication eliminates the need to remember long passwords.
There is already a combination of single and multi-factor biometric authentication with fingerprint, face, iris, palm, and behavioral biometric technologies deployed in medical centers across the globe, but it still isn’t mainstream. However, a new report published by the Biometrics Research Group predicts biometrics will continue to drive technological transformation within the global healthcare market. The research firm projects that the entire global marketplace for biometric solutions in healthcare will reach almost US $5 billion by 2020.
Hackers will continue to target medical information until the process becomes too difficult to hack and they focus their attention elsewhere. Adopting biometric authentication is one of the best ways healthcare organizations can prevent patients and healthcare workers against these types of attack.
About The Author
John Callahan, Chief Technology Officer at Veridium, is responsible for the development of the company’s world class enterprise-ready biometric solutions, leading a global team of software developers, computer vision scientists and sales engineers. He has previously served as the Associate Director for Information Dominance at the U.S. Navy’s Office of Naval Research Global, London UK office, via an Intergovernmental Personnel Act assignment from the Johns Hopkins University Applied Physics Laboratory. John completed his PhD in Computer Science at the University of Maryland, College Park.