HIMSS 2018 was all about the latest innovations in healthcare: how artificial intelligence will impact the way we provide care, the role of cloud computing in health IT and ways that the IoT can help with things like remote patient monitoring. There was one thing that really surprised us. Security wasn’t one of the top conversations. In our world, innovation and security go hand-in-hand.
If you’re looking at the future of digital health and security isn’t on your mind, your business will be in trouble. Here’s what we think you need to consider when it comes to how security can advance innovation from both the patient and clinician standpoint:
The Patient Experience
A patient’s first interaction is with the healthcare facility, whether that’s a hospital, doctor’s office or rehabilitation center. A huge focus at HIMSS was how to make these initial interactions seamless. What we overlook is that these spaces are often the least secure.
Take pharmacies. When you walk into a pharmacy, often, all you’re asked for is your last name and your birthday. If somebody overhears this information, there’s nothing stopping him or her from picking up your prescription the next time. A major factor in the opioid crisis is the inability to control who is taking what medications.
These issues extend into the patient’s home. IoT devices like blood pressure and glucose monitors collect data and send it to physicians. Problems arise when the person who possesses the device is not the actual patient. When data is used to make medical decisions for the wrong person, it puts lives in jeopardy.
The question becomes how we authenticate patients throughout every touchpoint in healthcare -without burdening them with a dozen passwords. With a biometrics platform, patients authenticate through a single app on a single device, and hospitals know exactly who they are.
The Clinical Experience
Hospitals require nurses and physicians to carry smart cards and remember passwords. Recent Drug Enforcement Administration (DEA) regulations mandate that if a physician prescribes controlled substances, he or she must also carry second-factor authentication on a hard token. To make matters more complicated, clinical computing systems typically have short timeout windows, prompting staff to login multiple times in a single session.
What does this mean? You’ll see hospital workers carrying laptops from room to room in an effort to keep sessions open, which is neither efficient nor seamless. Physicians find themselves spending more time typing on a laptop than engaging with patients, which isn’t great for patient care.
A tablet equipped with biometrics can free nurses and physicians from these bulky tokens. Physical biometrics, like a facial scan, combined with behavioral biometrics, such as the way a doctor or nurse taps or scrolls on a screen, can authenticate silently and continuously. The pressure to constantly keep a session active is gone.
In closing, biometrics is here and here to stay, but mainstream adoption won’t happen overnight. Certified solutions like Samsung SDS Nexsign will ease consumers into healthcare biometrics by empowering patients to control it through their own mobile devices.
However, biometrics is only one part of a much larger, much more complicated conversation about security in healthcare. What issues do you think the industry needs to address, and what solutions can we leverage to get there? Let us know by tweeting us at @SamsungSDSA.
Shankar Saibabu is the lead Solutions Architect and FIDO Standard Specialist for the Financial Services Team at Samsung SDS America. Shankar has various experiences in regulated industries when it comes to software solutions and services, including the healthcare industry.