The rise of electronic health records (EHR) has been a game-changer in the healthcare sector. Part of the broader wave of digitization that has swept organizations across all kinds of areas, from financial services to government, the rise of EHR has helped to modernize healthcare administration.
This, of course, has brought about new security threats. Access to sensitive patient data is now at the tips of hackers’ fingers, while new regulations have been coming into play to help keep that data safe. This means that hospital administrators and other healthcare officials are now looking to more sophisticated security mechanisms for electronic records – with biometrics poised to be a key security solution, as Frost & Sullivan explained in a report issued earlier this month.
Diagnosing Weak Security
The trend toward better security is a welcome one, but it may be more reactive than proactive, with many healthcare organizations still relying on more archaic methods of security to deal with EHR. After polling over a hundred healthcare professionals last year, LexisNexis Risk Solutions found that while 58 percent of respondents felt confident in their organization’s ability to protect patient data, 93 percent still relied on usernames and passwords to access patient data.
Similarly, a HIMSS survey from earlier in the year found that 69 percent of healthcare organizations were still using outdated tech in their networks such as ten-year-old operating systems, and over a third of respondents indicated that they don’t perform any kind of phishing tests to prevent against such attacks.
This all suggests that healthcare IT is lagging far beyond in the cybersecurity arms race as hackers develop ever more sophisticated tools to gain access to PII and other sensitive data.
The good news is that there are compelling security solutions available right now. Atos, for example – an IT company that works with hundreds of healthcare organizations in the US – announced a new cybersecurity platform aimed at this sector last year. The solution includes not only biometric authentication technology, but also other security services including cloud security, and is tailored toward healthcare organizations specifically.
There are also emerging devices from the commercial electronics side of things. Lenovo launched a biometrically-secured laptop aimed at the healthcare sector last year, dubbed the Lenovo ThinkPad T490 Healthcare Edition. The laptop features a built-in FIPS 201-compliant fingerprint reader from Crossmatch (now HID Global) that, as VP John Hinmon explained, “lets healthcare professionals keep their data secure and control who is accessing it without slowing them down while providing care.”
Protecting PII and Fighting Fraud
Biometric technologies are not only helping the healthcare industry to keep patient data secure; they’re also being adopted to fight fraud and streamline operations. A few months ago, for example, FacePhi entered into a partnership with Swiss Medical Group. FacePhi has established a high profile in the financial services industry with a selfie-based solution that uses facial recognition to authenticate customers, allowing end users to securely open and access accounts from their mobile devices. The advantages of this system apply just as well in the healthcare sector, where Argentina’s Swiss Medical Medicina Privada has opted to use FacePhi’s selfie authentication solution to let customers remotely sign up for healthcare plans – a move that could fight fraud while improving service and protecting customers’ sensitive health data.
These are just a few examples of how biometric technology is helping to protect data in the age of EHR. The diagnosis right now may be that healthcare IT has some serious vulnerabilities, but there are signs that this sector is starting on a similar trajectory of adopting biometric security to what has been seen in financial services over the last few years. That course of treatment should lead to some very healthy results, both for healthcare organizations and for the biometrics specialists helping to protect their data.
February 21, 2020 – by Alex Perala