The role of ID cards in Healthcare

Outdated Systems

Healthcare organisations retain a large volume of often complex data for each patient or partner organisation that is often saved on outdated systems. These systems can be expensive to update and hard to improve with better protection capabilities. Hence most healthcare organisations abstain from making technical changes which leaves them especially vulnerable to security breaches.

Constant Change to Role Based Access

A daunting challenge for any IAM solution in the healthcare space is to keep up with the ever-changing role-based access to which healthcare providers are entitled. Given the fluid nature of roles that doctors, nurses, physician assistants assume, it is imperative that any technical solution grants access to the right people at the right times and more specifically at the time when they need it most. One essential feature of a robust IAM solution is that access is revoked when roles change and/or healthcare professionals leave a particular team, department or organisation.

Large, disparate user populations

This is especially important in the case of an integrated medical care environment or when a government of a country is trying to create an efficient e-health platform. Managing various stakeholders including patient and family along with the healthcare provider, insurer, employer etc. becomes a herculean task for the most robust of IAM solutions.

Username and Password is no longer enough

Authentication has to look beyond mere username and password. Additional measures such as multifactor authentication and breached password detection facilities are now commonplace. Furthermore users cannot be expected to remember and manually enter a different set of credentials for different services. Not only is manual entry cumbersome and subject to the vagaries of memory but it will also waste precious minutes that users – especially in an emergency – simply cannot spare.

The role of ID cards

Issuing a single, secure, multi-purpose credential is the way forward. Such a multi-purpose solution can:
• Support both identity and payment
• Provide a secure vehicle for portable medical and vaccination records
• Secure access to emergency medical information
• Enable compliance with government initiatives and mandates

Smart cards should be one of the first options to consider where personal identity, privacy, security, convenience, and mobility are key factors. The biggest benefit of smart cards in the healthcare space is that they can be used as a trusted primary data repository that is constantly in the care of the patient, i.e. the ownership of personal medical information rests with the patient rather than with healthcare providers and insurance companies until such time that a patient gives these entities access to it. Smart cards thus empower patients to be active about the healthcare services they receive.

Discover more in our paper, Identity in Healthcare