Biometrics can transform crucial aspects of healthcare, and in doing so protect people at their most vulnerable. Biometric authentication can drive up clinical standards, protect staff and patients, and combat fraud. When used in large-scale private and public healthcare systems such as hospitals, doctors’ offices, national or regional medical insurance programmes those benefits can be very substantial and can make a life-changing difference.
Access to records
Healthcare professionals (HCPs) view medical records for many reasons: research, individual treatment plans, insurance reimbursement or payment schedules and diagnostics are just a few. However, medical records are among the most sensitive personal data, so great care must be taken to protect them.
Broadly speaking, HCPs can only look at records they have good reason to look at and most organisations and healthcare facilities have robust protocols in place to ensure that. However, those protocols often rely on outdated authentication methods such as PINs and passwords, which are known to be unreliable. As a result, they are vulnerable to breaches, interception and even theft.
With many healthcare providers seeking to increase the digitisation of information, including medical records, the vulnerability of outdated protocols is an ethical, financial and reputational concern. Healthcare organisations that inadvertently allow the wrong people to access records or sensitive data may incur large penalties under data protection laws or through civil prosecution by aggrieved parties. What’s more, the resulting publicity can undermine the confidence of patients and clinicians.
Fingerprint biometric authentication reduces such risk because unlike PINs and passwords, fingerprints are unique and cannot be lost, forgotten or shared. What’s more, when fingerprints are stored locally on a smart ID card to access information, no matter if it is held in a storage cabinet or devices, they are not stored centrally so cannot be copied or stolen. That’s why biometric authentication is ideal when security is paramount.
Fighting fraud
Fraud is a major headache for most healthcare providers, funders and insurers, and every year money that could have been spent on medical care and treatment goes towards fighting crime instead. Despite this, prescription fraud alone costs the NHS around £25,000,000 annually.
Other types of fraud include the use of services by people who are not entitled to them or who have no intention of settling their medical bills, and the use of multiple fake identities by individuals who abuse health provision, for example by securing multiple prescriptions for the same controlled drug.
Honest errors also occur. Healthcare providers and funding bodies generally operate at scale and hold thousands, if not millions, of records. Often these are kept at various sites and in a range of formats or systems. With patients frequently changing names and addresses, it’s hardly surprising that even the most robustly-managed database is likely to contain duplicate records, out-of-date information and straightforward mistakes. Even where records are regularly audited, there is still a vulnerable time between audits.
Its unequivocal nature makes fingerprint ID perfect for these situations. If patients’ identities are verified using fingerprints, rather than the current variables of name, date of birth and/or patient number, the risk of misidentification is greatly reduced. Not only is this much more clinically and ethically safe, it has the potential to save — from the very outset — millions in revenue and ultimately, increase patient satisfaction by reducing healthcare errors.
Keeping staff and patients safe
Nowhere is safety more important than in healthcare. As a result, most healthcare facilities are partially locked down; even in a public hospital, clinic or surgery the ‘staff only’ areas have door codes or swipe card entry. But once again, these often rely on PINs (easily stolen by ‘shoulder-surfing’ as a staff member taps in their code) or credit card-style ID cards that are easily stolen and duplicated.
Fingerprint authentication, especially where the prints are stored on a smart ID card, is a better guarantor of staff safety. It can also be used to limit access to wards and treatment areas, protecting patients too.
In medical terms, it is vital that clinicians are certain of every patient’s ID. Patients’ identities are linked to their records, treatment plans and future plans (such as transfer to another health or social care facility). Most importantly, they are linked to crucial details such as blood type, drug sensitivities and even body parts waiting for transplants.
HCPs know how important these things are: transfusing a patient with incompatible blood may kill them, as might the administration of penicillin to a patient acutely allergic to it.
The use of fingerprint biometric authentication can safeguard against this thus it has huge potential for changing — and saving — lives. If patients are linked to vital items by a smart ID card, the risk of error is dramatically reduced. In operating theatres and the emergency department — where patients may arrive unconscious, with no means of ID and needing urgent intervention — accurate authentication really matters.
The way forward
It is clear that, wherever authentication is critical, biometric identification is the way forward. Healthcare is a superb example of this. With the roll-out of fingerprint authentication as a standard, clinical, regulatory and financial outcomes are likely to improve: and that’s great news for HCPs, funding bodies, insurers and patients alike.
Executive and Board level Management executive with a proven track record of business growth and delivering exceptional financial performance. Skilled in Business Development, Product Management (B2C), Strategy (New Business Development, payment processing, identity verification, card issuing/less payments), and Business Strategy technology. I have strong commercial, analytical and financial skills backed up by more than several years' experience gained within large corporates and FTSE 100 companies
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.