biometrics for patient identification should be a priority project

Biometric Patient Identification Implementation Should Be Higher On The Priority List

biometric patient identification should be a priority project

Are healthcare organizations evaluating the proper criteria to prioritize enterprise IT Projects? (Photo courtesy of pixabay:

The following post was submitted by Brad Marshall, Enterprise Development Consultant with RightPatient®

As someone with a long track record of implementing enterprise IT solutions in healthcare, I frequently observe hospitals “shuffling the project deck” as they compare and contrast the merits and return on investment (ROI) of each initiative in order to determine which makes the most sense to allocate budget dollars. Does politics at times play a part in the decision of which technology projects eventually get approved? Yes, at times. Are there often misinterpretations of the value that an enterprise IT project can offer in both the short and long term? Absolutely. Do hospitals often place a high priority on implementing projects that in reality, should be pushed further down the list in lieu of the value that another project brings to the table? Definitely.

Case in point: the implementation of biometrics for patient identification in healthcare. Although I am obviously biased towards this technology since I work for a company that has helped many hospitals throughout the world see the benefits of using it to increase patient safety, prevent duplicates and overlays, and protect patients from medical identity theft and fraud, it doesn’t alter the facts about how implementing biometrics before making a commitment to other competing enterprise software projects is something more healthcare organizations should consider. Why? Let’s look at some specific examples of alternate enterprise project implementations that would actually benefit and see performance improvements if a biometric patient identification project deployment took preference:

1. EHR Projects – Although the implementation or “switch” to another EHR vendor is perhaps one of the most complicated, time consuming, and resource-intensive enterprise software projects a healthcare organization will ever undertake, the implementation of a biometric patient identification system prior to embarking on an EHR project is a smart idea. Why?

Our experience has shown that there is always an uptick in duplicate medical records when you are initially implementing or switching to a new EHR system, primarily because staff are adjusting to new workflows and are less likely to catch duplicates the first few months. Since duplicate medical records present a direct threat to patient safety and a serious treatment error risk to healthcare organizations, their prevention should be priority #1 for any modern EHR system. 

I am not necessarily advocating the push for budget dollar allocation to biometric patient identification over an EHR project, however implementing a biometric patient identification solution before an EHR Go Live will make it more successful by immediately eliminating the possibility of creating duplicate medical records and overlays and prevent staff from making registration and patient identification mistakes while learning the new system.

2. Duplicate Medical Record “Clean-Up” –  Often times, I run across hospitals that may be evaluating the implementation of a “duplicate medical record clean-up” project prior to deploying biometrcis for patient identification. Without discounting the importance of purging duplicate medical records from any EHR database, the argument for why hospitals should consider the use of biometrics for patient identification is clear — healthcare organizations will successfully perform a “de-duplication” cleanup but continue creating duplicates until they implement stronger patient ID technology and will most likely have to do another cleanup down the road. 

Keep in mind that it only takes one – ONE – mistreatment at the hands of incorrect, missing, or incomplete medical data due to duplicates or overlays to result in harm, or possibly even death of a patient. Ask yourself, are you willing to assume the risk of medical errors to patients and the repercussions (which often can include hundreds of thousands, even millions of dollars in legal fees and compensation) of these errors for the short term gain of a “clean” master patient index (MPI)? Chances are, you aren’t willing to take that risk which leads to a stronger argument to implement biometrics for patient ID prior to launching a duplicate medical record clean-up initiative.

3. Big Data and Analytics – These are project priorities that perhaps perplex me the most, especially in the context of establishing higher data integrity when preparing to join a health information exchange (HIE), or as part of a merger that joins separate Integrated Delivery Networks (IDNs).  If a healthcare organization is seeking to allocate budget dollars to initiatives that advance data integrity, that’s good news. No one will argue that the healthcare industry simply has to better understand and find wisdom in the terabytes of data their systems possess to help advance the “triple aim” and deliver higher quality care, especially as more disparate networks are attempting to share data . However, the problem is that allocating budget dollars to these deployments is the quintessential “cart before the horse” mentality.

Instead of placing more emphasis on cleaning existing “dirty” data, healthcare organizations are rushing to the HIE table for fear of losing a seat or appearing indifferent to their patients and the industry wide push on sharing and making health data more accessible. What good is joining a HIE (or merging IDN’s) in the absence of technology that ensures that not only is the data you share clean and all medical data is properly attributed to the correct patient, but also guarantees that the data will STAY clean to give you the confidence that clinicians truly have a complete picture of a patient’s health and medical history when administering care. 

I’m reminded of a story that is a perfect illustration of why implementing biometrics for patient ID should take precedence over many other health IT projects, especially those that address data quality.

Years ago I worked for a local YMCA that had a leaky roof over the gymnasium. Each time it would rain heavily, staff would be scrambling to place buckets around the gym floor that would strategically catch the water leaking from the roof. The leaks would cause event and class cancellations, disrupt workout schedules, and generally leave paying members feeling a bit frustrated. YMCA management then made a decision to replace the aging, wooden gym floor with a new model that was built with a soft rubber substance – a radical new technology that was supposed lower the impact and strain of running on a hardwood surface. They then spent tens of thousands of dollars replacing the floor, and as you may have guessed, the next time a powerful storm came through, it leaked water all over the new gym floor. The irony in this situation of course is that management should have allocated the funding to fix the roof before they had the new floor installed.

As we continue to help the healthcare industry understand the advantages of implementing biometrics for patient identification, we understand that many healthcare organizations are not flush with cash to haphazardly allocate to any enterprise project that comes down the road. There are many mission critical projects that simply take precedence in the broader scope of improving the quality of care. Shouldn’t the deployment of biometrics for patient identification be one of them?

Brad Marshall works for RightPatient - the industry's best biometric patient identification solution.

Brad Marshall is an Enterprise Development Consultant with RightPatient®. With several years of experience implementing both large and small scale biometric patient identification projects in healthcare, Brad works closely with key hospital executives and front line staff to ensure project success.


mhealth requires strict patient identificaiton

UCLA Breach Reinforces Importance to Protect Patient PHI

mhealth requires strict patient identificaiton

The recent UCLA data breach is a strong reminder that healthcare organizations should consider the use of biometrics such as facial or voice recognition to protect patient PHI on mobile devices and patient portals.

It’s probably unfair to say that the recent UCLA Medical Center data breach that potentially exposed the personal health information (PHI) of 4.5 million patients was a wake up call for the healthcare industry to implement tighter data security protocols. In fact, it wasn’t a wake up call at all.

Healthcare data breaches have proliferated over the last five plus years, and the Health and Human Services (HHS) public “wall of shame” list of healthcare data breaches involving 500 or more individuals is…well….let’s just say a tad crowded. Since HHS began the list in 2009, 1,265 breaches exposing the records of nearly 135 million people have made the list. Ouch. The UCLA data breach isn’t groundbreaking news, it is simply another chapter in the long novel of healthcare data breaches that have placed millions of patients at risk by exposing their PHI and in some cases, social security numbers and personal demographic information. 

The UCLA breach also foreshadows rising demand for tighter security protocols to protect PHI from unauthorized access on patient portals, mobile devices, and other new touchpoints. This rise of additional patient touchpoints to access PHI has vaulted establishing tighter security controls into the spotlight beyond traditional means of authentication. History has shown that username/password-based security is inadequate on mobile devices, yet healthcare organizations continue to adopt technology that uses this method to authenticate patients. Considering the high stakes to protect patient PHI, the UCLA data breach wasn’t a wake up call – it moved the needle to protect patient PHI to Defcon 1. 

The HIPAA Privacy Rule mandates that healthcare organizations secure remote access to PHI data as a safeguard for patient privacy and to eliminate data breaches that can lead to fraud and medical identity theft. The introduction of touchpoints such as patient portals and mobile devices changes the dynamic of protecting patient PHI because it demands adopting strategies that include using modern patient identification systems yet many healthcare organizations continue to rely on antiquated security solutions.  

Healthcare organizations must now consider patient identification systems that can address accurate authentication at each and every touchpoint along the care continuum, far beyond simply implementing technology that covers patient ID at office visits. 

Implementing accurate patient identification when accessing PHI from mobile devices and patient portals must balance strong security with convenience and speed, which is why technologies such as facial and voice biometrics are gaining popularity. The use of biometrics to protect patient PHI is a smart investment, especially if healthcare organizations deploy a solution that offers the flexibility to be used during hospital/office visits and on each and every touchpoint a patient now has the ability to utilize as a means to access health data. Biometric patient identification solutions offer stronger security than user names and passwords and have proven to be more efficient and convenient by eliminating the need and frustration to remember multiple login credentials.

As we experience a sharp rise in patient driven interactions within the healthcare system that offer more avenues for criminals and hackers to access PHI, it is critical that healthcare organizations implement modern identification solutions that have the ability to better protect this information. Biometrics to protect patient PHI is quickly gaining attention as a security solution that can serve this need. Although it’s impossible to determine whether or not biometrics could have helped prevent hackers from obtaining access to protected patient PHI in the UCLA data breach, the use of this technology can help to offer a secure layer of protection that can deter hackers from even attempting to try.


cleaning an iris camera for patient identification in healthcare

How to Properly Clean an Iris Camera

cleaning an iris camera for patient identification in healthcare

As more hospitals adopt iris recognition for patient identification, it is important to establish a hardware maintenance initiative to maximize return on investment.

The following guest post was submitted by Joe Kubilius, Director of Product & Process Management at RightPatient®

Advantages of using iris recognition

The use of iris recognition for patient identification in healthcare is rising fast. When hospitals are presented with hardware modality options for deployment, most choose to use iris recognition for these distinct advantages:

1. Hygienic/Non-Invasive – Iris cameras do not require physical patient contact to capture biometric credentials, ensuring a safe, hygienic environment and drastically lowering the risk of patients acquiring hospital borne illness through the spread of germs and bacteria. In addition, no visible lights or lasers are used when capturing a patient’s biometric credential – they simply have their picture taken.

2. Accuracy – Iris recognition is widely considered to be the most accurate form of biometrics across the entire industry. The iris offers more detailed input when constructing biometric enrollment templates than fingerprints or facial recognition and represents one of if not the most unique biometric credential of the human body. The chances of two people having the same iris pattern is 10⁷⁸! Plus, iris recognition relies on one to many biometric matching — the only true way to prevent duplicate medical records/overlays, identify unconscious patients, and prevent medical identity theft and fraud at the point of enrollment.

3. Stability: Did you know that the human iris completely forms at 10 months of age and remains stable throughout your life? Just about every other human biometric attribute can change over time which has a negative impact on system performance and possibly requiring frequent re-enrollment. 

4. Speed – Iris recognition is extremely fast, typically returning results in 3 seconds or less even for databases containing millions of records.

As hospitals increase their use of iris recognition, it’s important to remember that hardware maintenance is key to maximizing ROI and avoiding hardware replacement costs. Responsible investments in biometric solutions requires establishing an ongoing hardware maintenance initiative to ensure longevity and optimal system performance.

How to clean an iris camera

Even though patients do not come into direct contact with an iris camera, staff may have limited positioning contact with the device to ensure it properly captures quality photographs. Plus, considering the fact that these devices are used in a healthcare environment, patients or staff may accidentally sneeze or cough on or near the camera causing a need to disinfect. What’s important to remember is that these devices are digital cameras and just like any other biometric hardware device used within a hospital setting, need periodic maintenance to ensure optimal performance. Here are the proper steps to clean an iris camera:

Materials Needed:

  • Use either a 70%~83% Ethanol mix solution or 70% Isopropyl Alcohol (IPA) as the cleaning agent
  • Only use a microfiber cloth to clean the camera


  • Apply a small amount of ethanol to microfiber cloth and wipe with care but do not rub too hard
  • Wipe camera with a dry microfiber cloth


  • Rubbing with pure alcohol could run the risk of removing the paint or finish from the camera
  • Do not use disinfection medicine with Benzene, Methanol and Acetone as a cleaning solution on the camera


Properly maintaining biometric hardware is key to maximizing ROI and eliminates fees for replacement cameras. Plus, to achieve optimal system performance that ensures patient enrollment success and 100% identification accuracy requires ongoing maintenance that includes cleaning the iris camera when needed. We hope these tips have been helpful!

Director of Product & Process ManagementJoe Kubilius is Director of Product and Process Management with RightPatient®. With over 10 years of experience in the design, development, and implementation of biometric identity management solutions, Joe has been integral to the success of hundreds of large and small scale deployments across the globe.

Read more

fingerprints can be used to identify patients in healthcare

The Advantages of Dual vs. Single Fingerprints for Patient ID in Healthcare

fingerprints can be used to identify patients  in healthcare

Considering the use of fingerprints for patient ID in healthcare? More hospitals are evaluating the advantages of dual fingerprints over single image capture devices.

Fingerprints for Patient ID

One of the hallmarks of an efficient and value added biometric patient identification vendor is their ability to offer a choice of biometric modalities to deploy. If you prefer to use fingerprints for biometric patient identification, there are some important factors to consider when assessing hardware to ensure patients can be easily enrolled and accurately identified. Fingerprint biometrics have evolved over the years, and there are many new scanners available that offer distinct advantages over legacy models, most notably the use of dual finger scanners over single image capture devices.

Let’s explore why dual fingerprint scanners pose a greater advantage for patient identification in healthcare.

Dual vs. Single Fingerprinting

Is there a difference? Absolutely. Deciding to use a dual vs. a single fingerprint reader for patient ID in healthcare is a smart decision for several reasons:

1. Higher accuracy & reliabilityDual fingerprint readers have the ability to capture two single prints simultaneously, offering enhanced accuracy for identification and verification versus single-finger scanners. A two fingerprint scanner is also more effective at guiding a patient to scan consistently. Patients can touch a single finger various ways which could lead to more frequent cases of false-no-matches. However, with dual fingerprint reader, patients can’t make these scanning inconsistency mistakes because the device will not return a match (or non-match) unless fingers are properly placed on the scanner.

use dual fingerprint readers for patient identification in healthcare

Dual fingerprint readers offer many more advantages than single image devices including higher accuracy and reliability.


2. EligibilitySince approximately 10% of the patient population can’t consistently provide high-quality images for enrollment or identification, adding a second finger to a biometric template decreases the percentage of patients who are unable to successfully use fingerprints for identification. Skin integrity can be affected by factors such as age, environment, and working conditions and is an important factor for the success off a biometric fingerprint patient ID deployment. Remember, the end goal for any biometric patient identification deployment is to enroll as many patients as possible to maximize system value, so the less patients that are eligible to enroll, the higher the risks are for misidentification which can lead to: duplicate medical records/overlays, medical ID theft, fraud — all direct threats to patient safety. 

Plus, dual fingerprint readers are considered to be more effective devices to read dry, blurred, wet, damaged, or scarred fingers that diverse patient populations can have.

3. DurabilityMost dual fingerprint readers are designed and built to be versatile hardware devices with durability to be used in high throughput environments such as healthcare that can endure long term heavy use before the end of their life cycle. Single finger print readers have a shorter shelf life, and must be replaced more often due to their less durable construction.

4. AfffordabilityDespite their clear advantages over single image fingerprint readers dual fingerprint readers remain affordable hardware devices for patient ID in healthcare. Dual fingerprint readers for patient ID in healthcare also retain a small form factor to allow their affordable, widespread distribution throughout a health network.

5. Versatility Dual fingerprint scanners enjoy the same versatility as single print devices to be deployed in a host of different environments including use with mobile devices, an increasingly important environment to ensure accurate patient ID along the entire care continuum. 

Curious to see a dual fingerprint reader in action? Take a look at this demo video to learn more about their advantages and how they work:


Considering the use of fingeprints for patient ID? What other questions do you have that we can answer?

establishing accurate patient identification in healthcare is critical

CHIME Breathes New Life Into Patient Identity Crisis in Healthcare

establishing accurate patient identification in healthcare is critical

Did CHIME’s recent letter to Congress stressing the importance of establishing a national patient identifier light a fire under the government to act?

Last week, word came from Washington D.C. that the College of Healthcare Information Management Executives (CHIME) included language in a letter written to the Senate Committee on Health, Education, Labor & Pensions that accentuated the importance of accurate patient identification as a key component to ensure patient safety. In the letter, CHIME CEO Russell Branzell wrote:

“The accurate and effective matching of patients with their healthcare data is a significant threat to patient safety. We must first acknowledge that the lack of a consistent patient identity matching strategy is the most significant challenge inhibiting the safe and secure exchange of health information. As our healthcare system begins to realize the innately transformational capabilities of health IT, moving forward toward nationwide health information exchange, this essential core functionality consistency in patient identity matching must be addressed.”

Kudos to CHIME for resurrecting this issue and calling intention to its importance in the scope of the new healthcare industry paradigm of fluidly sharing patient data both in and outside of healthcare networks to advance to goal of improving both individual and population health. In their letter, CHIME and Branzell also recommended that Congress remove the prohibition levied on HHS every year since 1999 that prohibits the use of federal funds for the development of a unique patient identifier. 

CHIME’s actions are extremely significant in the overall scope of inching closer to the establishment of a national patient identification credential because they are arguably the most influential healthcare lobbyist on Capitol Hill representing the general views of over 1,400 members around the world, many of which are healthcare CIOs — a very powerful voice in health IT. The root of the patient identification problem at hand stems from multiple sources – lack of industry standards, a lack of consistency on how patient data is collected, and the public’s perception that they don’t have to show ID when accessing healthcare, just to name a few. Couple that with the aggressive push to establish concrete interoperability between healthcare systems for the seamless exchange of patient health data and you can see where the conundrum lies.

We have always thought that initiatives set in motion by the healthcare industry championing interoperability have always been sort of a “cart before the horse” scenario. Realistically, how can the healthcare industry expect to achieve meaningful interoperability when one of the core issues to reaching that goal (accurate patient identification) gets little to no attention as a key factor in its success? Furthermore, lack of a sustainable, federated patient identification credential inhibits progress towards the “triple aim” of healthcare — improving the patient experience, improving population health, and reducing the per capita cost of care.

Think the situation could get more complex? Don’t worry, it does. When you factor in the explosion of patient touchpoints permeating the healthcare market (e.g. mobile devices, patient portals, mhealth apps), the patient identification issue becomes much more stickier. As the multitude of channels patients can now submit and access health data to grows, any national patient identification solution must have the ability to address accurate patient identification at each and every touchpoint patients come in contact with. No longer interactions in strictly brick and mortar environments, administering care to patients has slowly evolved in lockstep with the rise of digital health capabilities, pushing the urgency to implement stricter patient ID protocols in an effort to ensure accuracy and safety.

Data accuracy in healthcare is unlike data accuracy in any other industry. Consumers can always rectify banking errors for example, but errors in interpreting inaccurate or missing health data can be matters of life and death adding even more urgency to solving the patient identification dilemma.

As we move closer towards opening the door even wider to advanced discussions on the issues surrounding patient identification within the U.S. healthcare system, you can bet that CHIME will continue to be a strong voice and influential entity to mold and shape future policies that address the need to establish more accuracy at each point along the care continuum. 

What are your thoughts on CHIME’s statements to Congress? Will their efforts help left the moratorium? Please let us know in the comments below.