Biometrics: obstacles and opportunities in healthcare
This is a guest post by Dan Cidon, Chief Technology Officer at NextGate.
During the last decade a technological transformation has swept across the U.S. healthcare industry with the conversion to electronic medical records. Payments to the tune of $38 billion have been disbursed to hospitals, doctor’s offices and other healthcare providers that have implemented certified EHRs. As a result, 98 percent of hospitals have transitioned from paper charts. While EHRs have helped providers streamline access to patient information, the digitization of medical data has also made organizations vulnerable.
With a reported 750 cyber incidents last year, costing U.S. hospital’s an average of $408 per record, it’s easy to see why stakeholders are exploring use of biometrics to prevent internal and external breaches.
As health IT executives evaluate their organization’s security posture, many are finding that not only can biometric tools replace inconvenient password use, but also complement existing security authentication and access control systems. Additionally, in an environment challenged with accurately matching patients to their medical history, adopting technology that depends on unique human characteristics to identify individuals can play a significant role in combating patient identification errors.
Patient identification and biometrics
Research at the ECRI Institute paints a grim picture of how deeply troubling and harmful patient identification errors can be. In examining 7,613 cases of wrong-patient errors at 181 organizations, incidents included an individual in cardiac arrest that was not resuscitated because the care team mistakenly obeyed the wrong patient’s do-not-resuscitate order and an infant given breastmilk from the wrong mother who was infected with hepatitis.
ECRI found 13% of identification errors occurred at registration, when, for example, duplicate records were created, or two patients’ records were “overlaid,” a term that describes when information from one patient is used to replace another’s.
These issues are driving health IT executives to pursue effective tools that provide the ability to match a unique individual with a unique set of data that is stored in an enterprise master patient index (EMPI). Instead of using a social security or a driver’s license number to link records together, an EMPI system links the entire set of an individual’s demographics. Added to the set of demographics is a biometric characteristic of the patient which can be used at a variety of healthcare facilities without the need to perform biometric enrollment multiple times.
Leveraging an EMPI along with biometric applications can empower organizations to drive data security into the patient matching and verification systems across its IT infrastructure and affiliated care partners.
Challenges for biometric implementation
Biometric technology holds great promise and potential to improve security and patient safety, however it is important to explore the extent to which the technology is applicable in healthcare.
While the accuracy of biometric solutions has improved, it’s an ancillary solution to the problem of positive patient identification, where in fact IT integration is the primary issue. Today, the architecture of most biometric solutions is unable to scale at an enterprise level since it can only manage a subset of patients. In order to connect all of the points of registration across the enterprise, biometric systems must be able to determine the local identifiers in each of the systems within the delivery network, including aligned hospitals, medical groups, outpatient clinics, and affiliated post-acute facilities.
Use of biometrics in healthcare also faces large-scale deployment challenges given some solutions, including palm vein and iris scanners, require highly specialized, stand-alone hardware. Additionally, user anxiety associated with invasive sensors are common, since palm, fingerprint and iris scanners require patients to touch or interact with the hardware, evoking hygiene concerns or even fear of physical harm.
Technological advances to facilitate biometrics adoption
Biometrics comes with many technological demands. Storing images, palm scans, and fingerprints of millions of patients and personnel demands storage technology, as well as a health IT infrastructure that is scalable, flexible and highly-secure.
To find a cost-effective way to implement biometrics technology, many healthcare systems have turned to third parties that offer cloud computing in order to avoid the need to purchase additional infrastructure or hire skilled resources to manage biometric applications across the enterprise.
Furthermore, cloud companies like Amazon Web Services (AWS) have added biometrics technology to their platforms. Incorporating biometrics in mobile devices is also on the rise with Apple adding biometric authentication tools into their smartphones. The prospect of using artificial intelligence along with biometrics to raise the level of security in healthcare workflows is another opportunity health IT executives should consider.
As healthcare IT decision-makers think about investing in biometrics, they should consider patient identification use cases that will yield a quick return on investment. Doing so requires creating implementation plans that involve testing and evaluating the effectiveness of biometrics solutions at key points where patient identification matters the most. This includes incorporating biometrics in registration systems, at the point of charging patients for medical care, and during the process of identifying patients before tests are conducted and specimens are collected and labeled.
While biometrics will eventually become a common element in patient identification, it will still require organizations to invest heavily in integration and demographic matching platforms. Incorporating the right biometrics technology into healthcare operations will take time, but the prospect of adding security tools and operational efficiencies to today’s healthcare system is a job IT decision-makers should recognize is worth the time and the effort.
About the author
Dan Cidon is Chief Technology Officer and co-founder of NextGate, a global leader in healthcare identity management.
DISCLAIMER: BiometricUpdate.com blogs are submitted content. The views expressed in this blog are that of the author, and don’t necessarily reflect the views of BiometricUpdate.com.
biometrics | cybersecurity | data protection | healthcare | identity verification | medical records | patient identification