“We predict that healthcare companies will remain one of the most targeted sectors by attackers, driven by the high value compromised data can command on the black market, along with the continued digitization and sharing of medical records.”
“Your medical information is worth 10 times more than your credit card number on the black market.”
Medical records have a lot of financial value. Typically, a medical record contains a patient's PII (Personally Identifiable Information) and PHI (Protected Health Information), which can be exploited for significant financial gain. There have been numerous instances of patients being swindled out of large sums of money by impostors who used their stolen medical identity to claim the health benefits due to them.
Traditional password-based authentication is proving ineffective in curbing the theft of medical records. Biometric fingerprint-based login and authentication systems have emerged as an effective way of enhancing the security of patients' data.
This article first looks at the risks associated with using a password-based system. It then looks at fingerprint-based authentication systems as the solution, followed by an explanation of how enrollment and authentication work in such a system. Finally, the article explains how fingerprint-based login secures patient data from two aspects: accurate patient identification, and prevention of data breaches when healthcare applications are accessed by staff.
Passwords have outlived their usefulness
Passwords have been used extensively for the past few decades for securing access to digital assets. However, passwords are insecure by their very nature as they belong to the category of “something you know”. Password-protected systems can be accessed by anyone who “knows” the password.
Users often share their passwords over the phone or chat, and many write their passwords down so that they are easier to remember. If a person with malicious intent gets hold of a shared or written password, nothing prevents him from accessing the system and stealing the information. Password-based security is thus inherently fragile.
Biometric fingerprint based authentication systems as the solution
Fingerprint-based authentication systems use fingerprint scans of individuals to determine whether they have access to the system. The authentication mechanism is divided into two steps, enrollment and authentication –
Enrollment
This step is akin to "user registration" in a typical application. In addition to the user's other details, such as name and age, his fingerprints are scanned. The captured fingerprints are then "read" using sophisticated pattern recognition algorithms. These algorithms use established scientific methods of fingerprint identification to create a digital representation of the fingerprints. The digital representation, known as a biometric template, is stored in the database against the user.
Authentication
When the user needs to log in to the system, he presents his fingerprints for scanning. The fingerprints are scanned and converted to the equivalent biometric template, just as in enrollment. This biometric template is then matched against all the enrolled templates stored in the database. If the scanned fingerprints' biometric template matches that of any of the users enrolled in the database, then the user is authenticated. He is provided the authorization levels of the user he is identified as. If, however, no match for the user's fingerprints is found in the database, then he is not allowed to proceed.
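The enrollment and one-to-many matching steps described above, as an added example that is not part of the original article. The minutiae-style templates, tolerances, threshold, user IDs and the `TemplateStore` class are all assumptions for illustration; a real deployment uses the scanner vendor's extractor and matcher.

```python
import math

# Toy minutiae templates: (x, y, ridge angle in degrees). All values are
# constructed; a real template comes from the scanner vendor's extractor.
NURSE = [(10, 12, 30), (40, 18, 95), (22, 50, 170), (60, 61, 250),
         (75, 20, 310), (33, 80, 45), (81, 77, 120), (15, 90, 200)]
DOCTOR = [(12, 70, 10), (48, 33, 200), (66, 90, 80), (25, 25, 300),
          (90, 40, 150), (55, 10, 20), (5, 45, 260), (70, 55, 330)]
UNKNOWN = [(50, 50, 0), (20, 70, 90), (85, 60, 180), (45, 95, 270),
           (5, 5, 45), (95, 95, 135), (30, 35, 225), (65, 40, 315)]
TOL_DIST, TOL_ANGLE, THRESHOLD = 6.0, 15.0, 0.75  # assumed: px, degrees, accept score

def rescan(template):  # simulate a later capture of the same finger, slightly shifted
    return [(x + 2, y - 1, (a + 5) % 360) for x, y, a in template]

def match_score(probe, enrolled):
    """Fraction of minutiae that pair one-to-one within the tolerances."""
    unused, paired = list(enrolled), 0
    for x, y, a in probe:
        for cand in unused:
            angle_gap = abs((a - cand[2] + 180) % 360 - 180)
            if math.hypot(x - cand[0], y - cand[1]) <= TOL_DIST and angle_gap <= TOL_ANGLE:
                unused.remove(cand)
                paired += 1
                break
    return paired / max(len(probe), len(enrolled))

class TemplateStore:
    def __init__(self):
        self._users = {}  # user_id -> (role, template)
    def enroll(self, user_id, role, template):
        self._users[user_id] = (role, list(template))
    def identify(self, probe):
        """1:N search: best-scoring user if at or above THRESHOLD, else None."""
        scored = [(match_score(probe, t), uid, role)
                  for uid, (role, t) in self._users.items()]
        score, uid, role = max(scored, default=(0.0, None, None))
        return (uid, role) if score >= THRESHOLD else None

def demo():
    store = TemplateStore()
    store.enroll("staff-017", "nurse", NURSE)
    store.enroll("staff-042", "doctor", DOCTOR)
    return (store.identify(rescan(NURSE)),       # full rescan: accepted
            store.identify(rescan(NURSE[:5])),   # partial print: rejected
            store.identify(UNKNOWN))             # not enrolled: rejected

if __name__ == "__main__":
    print(demo())
```

Unlike a password comparison, the match is a score against a threshold: raising `THRESHOLD` rejects more partial prints from genuine users, while lowering it raises the chance that a different finger is accepted.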
Security aspects for patient information
Patient information stored in the healthcare system’s database has to be secured from two aspects – patient identification and healthcare staff’s access to the healthcare applications.
Let us look at both these aspects and the role played by fingerprint-based login in securing them –
Patient identification
Correct identification of the patient presenting himself for treatment at the hospital is essential.
Every patient has a unique record in the MPI (Master Patient Index) database. All the treatment-related details of the patient are stored in his record in the MPI database. In addition, his healthcare benefits, such as his health insurance, are mapped to his record in the MPI.
If an imposter presents himself in place of the patient, and is able to prove his identity, then he can avail all the healthcare benefits which were due to the person he was impersonating. This is known as medical identity theft.
Medical identity theft can be effectively prevented by using a fingerprint-based authentication mechanism. In a fingerprint-based login system, the patient first goes through the enrollment step, when his fingerprints are mapped to his newly created MPI record. From then on, whenever he presents himself for treatment, he simply has to get his fingerprints scanned. If his fingerprints match a patient record in the MPI, he is identified as a genuine patient; otherwise he is turned away. This way, using simply his fingerprints, a patient's identity can be protected effectively.
Healthcare staff’s access to healthcare applications
Healthcare staff are provided access to the healthcare applications because they are responsible for updating the treatment details of patients. There have been instances where healthcare staff have shared their passwords with colleagues or even lost their handheld devices. This has led to patient data breaches, which have caused financial losses to both the patient and the healthcare provider.
Fingerprint-based login, when implemented for all healthcare staff members, secures the healthcare applications from unwanted access. Healthcare staff need to be enrolled once and are then authenticated every time they access the devices as well as the healthcare applications.
Fingerprint-login-based Biometric Single Sign-On solutions (Biometric SSO solutions) have proven to be highly beneficial when implemented for healthcare service providers' systems and applications. On one hand, the fingerprint login aspect guarantees that only authenticated and authorised personnel can access the devices and the applications. On the other hand, the Biometric Single Sign-On system logs the staff member in to all healthcare applications at once.
Fingerprint-login-based Biometric Single Sign-On (Biometric SSO) increases the staff member's efficiency manifold, as he doesn't need to log in to each application individually. Just one login is sufficient across all applications. This saves him a lot of time, which can be especially handy during emergencies.
Patient information security can be effectively strengthened with the use of biometric fingerprint based authentication systems. Fingerprint based login access has none of the disadvantages of the traditional password based authentication and is unique for every individual. In addition, fingerprint based authentication can be used both for accurate patient identification to prevent medical identity thefts, as well as for healthcare staff’s login management to prevent healthcare data breaches. Biometric fingerprint based authentication is thus very effective in securing patient information.