RightPatient-for-accurate-patient-identification-in-healthcare

In Your Face: The Future of Federated Patient Identification

RightPatient-for-accurate-patient-identification-in-healthcare

The following guest post was written by Michael Trader, Co-Founder and President of RightPatient®

The Patient ID Problem

The recurring and complex issue of how to establish and maintain accurate patient identification in healthcare and how to establish a federated patient identity is getting a lot of attention these days. Accurate patient identification in healthcare is a topic that has always garnered attention and concern, but perhaps it has gained momentum and urgency due to the rapid digitization of the industry and the concerted push for interoperability and national health information exchange to improve individual and population health. The push for increased interoperability could make patient data matching errors and mismatches exponentially more problematic and dangerous and it is widely believed that inadequate patient identification continues to jeopardize patient safety and artificially inflate the cost of care.

RightPatient-for-accurate-patient-identification-in-healthcare

Can the use of facial recognition biometrics help establish a federated patient identity credential in healthcare?

Opinions on the most effective patient identification and patient matching strategies run the gamut. Some say standardizing patient demographic data will help, others feel that establishing a national patient identifier is the answer to the problem. What’s clear is that in the absence of any broad improvements to patient identification, the goal of establishing longitudinal patient records reflecting a patient’s experience across the care continuum, payers, geographic locations, and stages of life, will remain elusive. 

One idea that is catching on with healthcare providers to help improve patient identification in healthcare is capturing a photo during registration that is linked to a unique electronic medical record. 

Use of Patient Photos Increasing

Nearly 2.3 million people were victims of medical identity theft in 2014, according to the “Fifth Annual Study on Medical Identity Theft” released earlier this year by the Medical Identity Fraud Alliance (MIFA), an industry trade association of healthcare providers, payers and service providers – a 21% increase over the 2013 number of 1.8 million. Medical identity theft and healthcare fraud continue to be a pervasive problem throughout the industry and in the absence of a solution, the problem is only going to get worse as millions more Americans are brought into the healthcare fold through Obamacare. 

To help fight the increase in medical identity theft and to ensure a patient’s identity is accurately verified at each step along the care continuum, many healthcare facilities are capturing a patient’s photo at registration and linking that to a unique electronic medical record. The idea is an attempt to protect patient privacy, ensure accurate insurance benefits and subsequent reimbursement, and connect a face with a name, providing another option for identification besides date of birth. The idea is catching on quickly and many are embracing the use of patient photos to increase security and improve patient safety, but what often goes unrealized is the potential for a patient photo to be leveraged as a unique identification credential across the entire care continuum.

Leveraging Patient Photos for a Federated Identity Across the Care Continuum

Whenever we hear the words “patient identification” most of us envision sitting across a registration desk at a hospital or doctor’s office providing demographic data and our driver’s license and/or insurance card. However, patient identification in healthcare has evolved to now include accurate identification at each and every patient touchpoint along the care continuum including patient portals, mhealth apps, telehealth, and home health just to name a few. One of the smartest strategies to ensure accurate patient identification at any point along the care continuum is to capture a patient’s photo at registration and then leverage that photo along the care continuum through biometric facial recognition technology. 

Let’s take patient portals for example. Most of us know that Meaningful Use Stage 2 mandates that healthcare providers provide patients the ability to electronically view, download, and transmit health information. The most popular means to that end is the increasing use of patient portals yet many providers rely on antiquated identification protocols such as user names and passwords to protect access to this personal health information (PHI). The problem is relying on user names, passwords, and/or personal identification numbers (PINs) is risky and could potentially open the door to third party data breaches which are decimating the industry and exposing millions of patients’ PHI. 

As an alternative to using user names and passwords, consider a healthcare organization that captures a patient’s photo during registration. Not only is that photo visible to patient registration staff and clinicians at each episode along the care continuum as a second form of multi-factor authentication, but if a patient signs into a patient portal and the hospital has deployed facial recognition identification to authorize a patient’s identity prior to logging in, the hospital has just successfully leveraged that photo as an identification credential for access to their PHI. Same goes for mHealth apps. Biometric patient identification providers that offer the value and flexibility of facial recognition authentication can also help third party developers and healthcare providers add this technology to off-the-shelf (OTS) or custom mHealth apps as a more secure way of identifying patients with the ability to work with any standard camera. 

Coupled with the fact that 80% of patients are open to healthcare interactions on smart devices but remain highly sensitive to sharing health data, facial recognition biometrics for accurate identification has already proven itself as a more secure alternative than user names and passwords not to mention the fact that 69% of 16 -24 year olds recently polled indicated they believe biometrics will be faster and easier than passwords and PINs and half foresee the death of passwords by the year 2020.  

Writing on the Wall?

With predictions that 50% of smartphones sold by 2019 will have a fingerprint sensor and over a billion biometric mobile devices will ship worldwide by the year 2020 (all equipped with cameras sophisticated enough to use facial recognition), the evolution of patient identification in healthcare is tilting more towards the use of biometrics to replace user names, passwords, and PINs as the preferred method of authentication due to it’s increased security and the flexibility to apply the technology for accurate identification at more patient touchpoints borne from the rapid digitization of the industry. Considering the fact that 41% of consumers stress over smartphone mobile security and biometrics are already overtaking passwords as the de facto identification credential on smartphones, could this be the perfect storm for a rise in the use of facial recognition for accurate patient identification?

Responsible approaches to improving patient identification in healthcare must now include addressing accuracy at any touchpoint where a patient can now access PHI. The advent of facial recognition as a unique identifier in a singular or multi-factor environment is a smart answer to the challenge of ensuring a patient receives accurate care throughout the continuum no matter if they are physically present or accessing services from cyberspace.

Since more patients expect providers to ensure privacy and protect their PHI, is it time to more closely examine implementation of a patient identification solution that leverages biometric facial recognition? 

In Your Face: The Future of Federated Patient IdentificationMichael Trader is President and Co-Founder of RightPatient®. Michael is responsible for overseeing business development and marketing activities, government outreach, and for providing senior leadership on business and policy issues.

 

 

accurate patient identification in healthcare discussed during 09/11/15 #HITs,m tweet chat

#HITsm Tweetchat Highlights Progress, Obstacles for Patient Identification in Healthcare

accurate patient identification in healthcare discussed during 09/11/15 #HITs,m tweet chat
#HITsm Tweetchat Highlights Progress, Obstacles for Patient Identification in Healthcare

Healthcare professionals from around the world discussed the dilemma of achieving accurate patient identification in healthcare during the 09.11.15 #HITsm tweetchat. (Photo courtesy of HL7 Standards)

We had the honor of hosting the weekly #HITsm Twitterchat this past Friday centered on the topic of patient identification in healthcare. For those not aware of the #HITsm weekly chat, the HL7 Standards Web site deftly describes it as:

“…#HITsm is an acronym for “healthcare IT social media” and we focus on current topics that are influencing healthcare technology, health IT, and the use of social media in healthcare.” (courtesy of: http://www.hl7standards.com/hitsm-chat/)

The chat demographic spans a wide range of healthcare professionals — vendors, doctors, patients, industry experts, and even national professional healthcare organizations — all coalescing for one hour each week to discuss a wide range of topics related to health IT. 

Considering the importance of establishing accurate patient identification in healthcare and it’s ripple effect to many other aspects of care delivery, interoperability, accountability, and improving individual and population health, we selected this as a topic for the weekly discussion. Included in the discussion was an evaluation and assessment of the College of Healthcare Information Management Executives’ (CHIME) national patient identity challenge to determine if it will actually produce a solution that will eradicate the burdens of matching patient data and bring us closer to establishing higher data integrity, reducing medical errors, and improving care.

Topics for the chat included:

1. Establishing a national patient identifier continues to be a hot debate – will it ever materialize? Are there tangible benefits to a national patient identifier?
2. Will @CIOCHIME’s national patient ID challenge eradicate the burdens of matching patient data and bring us closer to establishing higher data integrity, reducing medical errors, and improving care?
3. Will true healthcare interoperability ever be realized in the absence of fixing the problem of inaccurate patientID?
4. Do patients now have an inherently larger role to ensure the accuracy of their medical records?
5. Does the explosion of mobile devices, telehealth, & mhealth tools raise the urgency level for healthcare providers to implement stronger patient ID technology?
6. What new patient identification technologies show promise to help improve patient matching and interoperability?

Responses, comments, and opinions to these topics were insightful and intelligent. Here is a list of select responses and feedback to some of the topics:

Topic 1: Establishing a national patient identifier continues to be a hot debate – will it ever materialize? Are there tangible benefits to a national patient identifier?

Topic 2: Will @CIOCHIME’s national patient ID challenge eradicate the burdens of matching patient data and bring us closer to establishing higher data integrity, reducing medical errors, and improving care?

Topic 3: Will true healthcare #interoperability ever be realized in the absence of fixing the problem of inaccurate #patientID?

Topic 4: Do patients now have an inherently larger role to ensure the accuracy of their medical records?

Topic 5: Does the explosion of mobile devices, telehealth, & mhealth tools raise the urgency level for healthcare providers to implement stronger patient ID technology?

          T5: Again, use case specific. Many of the use cases today won’t benefit from national pat id… BUT… not say to they won’t #HITsm

Topic 6: What new patient identification technologies show promise to help improve patient matching and interoperability?

           #HITsm T6 In healthcare, I would expect less fraud w biometric ID’s. Solves unconscious patient problem and the form time problem. #HITsm

A copy of the complete chat transcript can be found here.

As you can see from the selected tweets, the topic of achieving accurate patient identification in healthcare is not easy especially in the context of identifying a solution that can be used as a universal credential. We were pleased that the #HITsm tweet chat participants provided pragmatic, intelligent comments and insight to our questions demonstrating their keen ability to identify the root causes of achieving a national patient identifier and their tacit support for CHIME’s contest and prowess to thrust this complex issue into the national spotlight.

Our thanks to @OchoTex and @michenoteboom for providing us the opportunity to host their weekly #HITsm chat on patient identification in healthcare and for all of the healthcare professionals who participated!

tweet chat on patient identification in healthcare

RightPatient® to Host September 11th #HITsm Chat on Patient Identification in Healthcare

tweet chat on patient identification in healthcare

Join us this Friday from 11 a.m. to 12 p.m. CST as we host the weekly #HITsm tweet chat and discuss the conundrum of establishing accurate patient identification in healthcare. The College of Healthcare Information Management Executives (CHIME) recently issued a $1 million “national patient ID challenge” in an effort to find a universal solution for accurately matching patients with their health information. 

tweet chat on patient identification in healthcare

Join us on Friday, September the 11th for the #HITsm tweet chat where we will discuss CHIME’s national patient identifier challenge and the state of patient identification in healthcare.

Patient identification in healthcare has bubbled to the top of the health IT priority list since accurately identifying patients is perhaps the most fundamental element of ensuring data accuracy throughout the care continuum but a confluence of barriers has inhibited advancing initiatives intended to improve it and help increase patient safety. 

During the chat we will discuss CHIME’s initiative and debate on whether it truly has the ability to improve patient identification in healthcare plus we will talk in-depth about how inaccurate patient ID effects healthcare interoperability, the evolving patient role to ensure the accuracy of their PHI, new patient touchpoints that complicate the goal of implementing technology that improves identification accuracy, and which new patient identification technologies show promise to help advance accurate patient identification in healthcare.

Please join the discussion beginning Friday at 11 a.m. CST, 12 p.m. EDT by following the #HITsm hashtag.

Additional information about the topic and discussion can be found here.

What additional topics would you like to see added to the conversation on establishing accurate patient identification in healthcare?

RightPatient-helps-iidentify-unknown-or-unconscious-patients

Novant Health Uses Iris Biometrics to Identify Unknown Patient

RightPatient-helps-iidentify-unknown-or-unconscious-patients

It’s a familiar case. An unconscious or unknown patient arrives in the ER without any identification leaving clinicians to administer care in the absence of any medical history to review. This presents a serious patient safety risk since treating an unknown patient without the benefit of securing their identity is dangerous and can be a huge liability. What if they are allergic to a certain medication? What if they have a pre-existing condition that must be considered prior to receiving any treatment?

RightPatient-helps-iidentify-unknown-or-unconscious-patients

Novant Health recently used the RightPatient iris biometrics patient identification system to identify an unknown, disoriented patient.

Since these cases are more often trauma related requiring immediate attention, clinicians must take a risk and administer care in the absence of any historical medical data. An obvious threat to patient safety and a situation that clearly raises liability, healthcare organizations have long sought to adopt technology that can instantly identify patients in these cases without the need for any demographic information. 

The staff at Novant Health decided to proactively implement an iris biometric identification system throughout their network as a means to secure accurate patient ID and ensure that patients, no matter what the circumstances, are kept safe throughout the care continuum. Although adopting a biometric patient identification system to identify unconscious or unknown patients wasn’t the sole reason that Novant implemented this technology, they knew that by choosing to use iris recognition as their primary biometric modality they would be able to quickly and accurately identify any patient in these circumstances without having to ask for an additional identification credentials (e.g. – D.O.B.). 

How-Novant-Health-used-RightPatient-to-identify-an-unconscious-patient

Novant’s iris biometric patient identification system was recently put to the test when a disoriented, unknown patient arrived in the ER without any identification credentials. Novant staff quickly realized that they could take the patient’s photo with a RightPatient iris camera and if they had been previously registered in their Epic EHR database, the biometric patient identification system would recognize them and immediately pull up their medical record. Fortunately, the patient had previously been enrolled with the RightPatient system and their identity was instantly recognized after their photo was taken with the iris camera. A big relief to Novant staff since they were now able to not only access her medical history prior to treatment, but they were also able to quickly contact the patient’s relatives to inform them of the situation.

Thank you to our partners at Novant Health for sharing this story and demonstrating the value of using biometrics for patient identification in the context of keeping patients as safe as possible throughout the care continuum!

How often do you experience situations where patients arrive at your facility without identification credentials? Did you know that not all biometric patient identification solutions have the ability to identify unknown or unconscious patients?

free webinar on achieving accurate patient identification in healthcare

Free Webinar: The State of Patient Identification in Healthcare

free webinar on achieving accurate patient identification in healthcare

Accurate patient identification and data matching in healthcare to ensure patient safety along the care continuum is a complex challenge for most healthcare organizations. Common names, lack of proper ID, identity swapping, and the explosion of new patient touchpoints (mHealth apps, patient portals for example) to access personal health information (PHI) has created problems for organizations that still rely on antiquated methods of identifying patients and places them at a high risk of committing medical errors that could jeopardize patient safety.  

free webinar on achieving accurate patient identification in healthcare

The increased complexities of achieving accurate patient identification in healthcare raise questions about the most suitable strategies to implement. Join us on September the 10th from 1 – 2pm EDT for a free webinar on patient identification in healthcare.

Achieving accurate patient identification in healthcare is a key strategic goal of healthcare organizations across the industry as they continue to explore new technologies that have the ability to meet modern demands of the new digital health paradigm in the wake of the shift to a patient-centered wellness approach and a push to better understand the individual patient. Unified views of patient data across any care setting is a growing necessity despite the variability in data capture methods, systems, and a lack of patient identification industry standards.

In the absence of a unified view of patient data, healthcare organizations will continue to make medical errors with incomplete or inaccurate information. Access to accurate, complete PHI is one of, if not the most vital component to deliver quality, cost-effective care and the only way to accomplish this is to establish accurate patient ID at the point of registration/access so the patient’s entire medical history supports immediate care or a wellness event. Complete and accurate medical histories must be linked to any point along the care continuum to truly achieve patient-centered care.

Join us on September the 10th for a free webinar on the state of patient identification in healthcare and a comprehensive overview of strategies and technologies healthcare organizations can use  to improve and sustain accurate patient ID. Plus, we will address the growing use of biometrics for patient ID, explain how it’s being used, and what return on investment (ROI) hospitals have realized since implementing it at their facilities. 

Topics covered during the free one-hour webinar include:

• The current state of patient identification in healthcare
• Patient identification challenges
• Using biometrics for patient ID across the care continuum

Join us on September the 10th from 1pm – 2pm EDT as we explore the topic of patient identification in healthcare and offer an overview of how biometrics is a viable solution to increase patient ID accuracy and patient safety along the care continuum.

Tell a friend or colleague! This is your chance to learn from experts in patient identification, ask questions, and engage in the discussion. Have a question you would like to ask during the webinar? Please visit the webinar landing page to sign up and leave your question or write it in the comments below.

Looking forward to seeing you on September the 10th!

 

the use of biometrics to secure PHI access

Improving Patient Engagement with Secure PHI Access

the use of biometrics to secure PHI access
Improving Patient Engagement with Secure PHI Access

The explosion of mHealth apps and patient portals for PHI access demands more modern patient and clinician identification technologies than user names and passwords.

The following guest post was submitted by Michael Trader, President and Co-Founder of RightPatient®

The rise of digital health tools for PHI access

Encouraging patients to take a more active and engaged role in their healthcare has been a key focus of healthcare providers in the wake of Meaningful Use requirements. What began as an industry mission with specific benchmarks and goals has since manifested into the actual use of myriad digital tools and platforms that are educating, engaging, and working to empower patients to increase accountability and responsibility for their own health and, when applicable, the health of their families. In fact, a recent HIMSS survey on how mobile apps and portals improve patient engagement indicated that on the provider side:

  • 73% of organizations used app-enabled patient portals to increase consumer participation in their overall health and wellness goals as well as meet relevant Stage 2 and Stage 3 Meaningful Use requirements under the Medicare and Medicaid EHR Incentive Programs.
  • Nearly half of those polled stated that “implementation of mobile services for access to information is a high priority at their organization.” Additionally, more than half – 57 percent – indicated that their facility implements a mobile technology policy, which often has a focus on mobile health security capabilities.
  • About one-third of polled healthcare organizations stated that they provide “organizational-specific apps” to the patient community.

(source: http://mhealthintelligence.com/news/how-mobile-health-apps-portals-improve-patient-engagement) 

One important facet in the goal to improve patient engagement is providing easier and faster access to personal health information (PHI). Manifested through Meaningful Use Stage 2, the benchmark is stated as:

Provide patients the ability to view online, download and transmit their health information within four business days of the information being available to the EP. (source: https://www.healthit.gov/topic/meaningful-use-and-macra/meaningful-use

The idea is for healthcare providers to reach beyond traditional means of accessing PHI (think in person visits) and adopt digital health tools for easier, faster, and more convenient ways of accessing this data (think patient portals and provider mHealth apps). In concept, increasing the availability of tools and platforms to access PHI is a good thing — it caters to increasing patient demand to offer greater PHI accessibility through resources that offer more convenience and are in lockstep with the rise of the digital health movement. However, the explosion of digital tools for PHI access carries an inherent risk that patient identities will be compromised, stolen, or shared leading to a sharp increase in fraud and medical ID theft that poses a direct threat to not only patient safety and provider medical error liability, but also to the rising cost of healthcare. Not to mention the fact that the rising use of digital tools to access PHI compromises patient data integrity which is critical to maintain because of the ripple effect it has on the ability to provide accurate care along the continuum and the confidence it represents to successfully participate in health information exchanges (HIEs).  

Keep in mind that each time a perpetrator commits healthcare fraud or medical ID theft, the fallout of legal fees, settlement costs, and expenses to restore an identity are passed down to ALL patients in the form of higher fees for medical services. Therefore, collectively there is a pressing need to ensure that adoption of stricter and more secure methods of patient identification must run parallel to the rise in digital tools and platforms for safe access to PHI. Otherwise, patients may not be as willing to use these tools for fear of medical ID theft or unlawful access to their PHI data which directly compromises their safety, security, and privacy. 

Monetary damages are only the tip of the iceberg for healthcare organizations when discussing the impact of fraud and medical ID theft. It was been well documented that reputation can be negatively effected when patients perceive or a data breach confirms that healthcare providers are not taking the necessary action to increase PHI access security.

How can we correlate an increase in quality patient engagement with secure PHI access? Patient engagement is, without a doubt, a key linchpin to the success of healthcare’s triple aim. Simply stated, it is not possible for the healthcare industry to achieve the goals of lower costs, an enhanced patient experience, and improving population health in the absence of strong and sustainable patient engagement.

Securing PHI access for higher levels of patient engagement

Scour the internet for articles that cover patient willingness to use digital health IT tools to access PHI and you will discover that despite the industry wide effort to adopt tools that provide more convenient and faster access to medical data, few patients are actually doing so. In fact, a recent survey revealed that just 21% of respondents said they use the Web to access their health data. Meanwhile, 10% said they use e-mail and 40% view the data in person

The reason behind patient unwillingness to use mHealth tools and portals for PHI access runs the gamut from dissatisfaction with mobile health applications to challenges in finding and using instructions, data inaccuracy, and device malfunctions or data syncing issues. Furthermore, issues related to poor mHealth app and portal security have hampered more widespread adoption of these tools and stoked patient fears that their privacy could be compromised by using them.

Setting aside those with opinions that privacy can never exist in the healthcare industry, the link between patient confidence and trust that their identities and PHI are protected when using mHealth apps or patient portals is palatable and has a direct effect on their willingness to use these tools as part of their overall care.

First, it’s important to distinguish the difference between “privacy” and “security” as it applies to healthcare data. HIMSS does an excellent job of breaking down the differences:

“Privacy” is the right of an individual to make choices with respect to the collection, use and disclosure of their data; “security” is the safeguards – physical, administrative and technological – used to protect the confidentiality, integrity and availability of the data. Because the challenges are many, there is a tendency to focus on “security” in mHealth. Patient privacy cannot be achieved without adequate data safeguards; however secure devices do not necessarily preserve patient privacy.

One of the largest impediments to widespread adoption of mHealth tools, portals, and other digital health platforms is inadequate mobile security policies that fail to take into account the necessity of adopting more modern patient identification tools that are commensurate to the data they protect.  For example, most healthcare providers continue to use user name and passwords to protect patient identities when using mHealth tools and portals. While these may have once been permissible security protocols in the past, these identity verification methods are now considered antiquated and should be replaced. Even though user names and passwords have proven to no longer be secure enough to protect patient identities, almost all healthcare providers still rely on their use for mHealth apps and patient portals. 

Secure PHI access requires modern patient and clinician ID technology

If healthcare providers expect patients to adopt mHealth tools and patient portals as a more convenient way to access PHI, the implementation of stronger and more secure identification technology is critical. Most healthcare security experts agree that due to the large amount of PHI data moving across provider locations via mHealth apps and patient portals, stronger security is needed to prevent data breaches if a patient’s identity is compromised. Plus, the increasing complexity of mHealth apps and their distinct ability to sync PHI data across multiple devices raises important questions about how to properly protect patient privacy  to ensure HIPAA compliance for these new tools. 

Securing PHI access is not limited to patient interactions with mHealth tools or patient portals however. A sound strategy to secure mobile and remote access to this sensitive data is required not only for patients, but also for any clinician that has access to mobile technologies. A 2014 HIMSS Analytics Mobile device study reported that:

…approximately one-quarter of US hospitals (28 percent) reported that smartphones are in use at their organization. On average, 169 devices are deployed per hospital. In comparison, 24 percent of US hospitals reported that tablet computers are in use at their organization, with an average of 37 devices deployed per hospital. (source – https://capsite.himssanalytics.org/assets/Uploads/2014-Mobile-Essentials-Brief-TOC12914.pdf)

Healthcare organizations must plan to implement a technology that has the flexibility to be used for secure patient and clinician identification, usually through a strategic combination of a strong single sign-on (SSO) platform to establish strict identification checks and provide a concrete audit trail of data access history with an enterprise-wide patient ID solution to secure remote access to PHI from mHealth apps and patient portals. The modern identification technology of choice for many healthcare providers to meet the rising demand for tighter security to access PHI is biometrics.

Lack of a strong PHI access policy can also have a negative impact on provider reputation. In a recent report on medical identity theft by The Ponemon Institute, 79% of patients surveyed said it is “very important” for healthcare providers to ensure the privacy of health records and allow them to have direct control of their health records.  

Why biometrics?

The HIPAA Privacy Rule requires healthcare organizations to secure remote access to PHI data as a safeguard for patient privacy and to eliminate data breaches that can lead to fraud and medical identity theft. Once considered secure identification criteria, user names and passwords are now considered antiquated and unable to offer strong protection to secure PHI access largely due to the fact that:

  • Most patients don’t want to worry about memorizing a complex password and thus default to using a simplistic password that’s easily guessable.
  • Most patients use the same password for many accounts, resulting in one key that unlocks dozens (or hundreds) of doors.
  • Most patients don’t even keep their passwords in secret. Everything from Netflix accounts to bank accounts to web accounts to video game accounts are often shared between friends, family members, and even strangers.

The use of biometrics for individual identification poses a much more secure and flexible technology to address the pressing need for healthcare to adopt stricter PHI access security protocols. Why?

We have written extensively about the applicability of biometric patient identification to improve patient safety in healthcare. Biometrics relies on identifying patients and clinicians by who they are, rather than what they have (ID badges) or what they know (user names, passwords) which can be more easily stolen or shared. Biometric identification technology is a more secure method to identify patients in self-driven interactions by allowing them to use the camera or microphone on their smartphone or tablet and use facial or voice recognition biometrics for accurate authentication. Biometrics offers more flexibility and convenience because it has the ability to be implemented at patient touchpoints where user name and password entry would be cumbersome and inappropriate — home health settings for example.   

The use of biometrics for identification also offers a concrete PHI access audit trail, a more accurate tracking mechanism than user names or passwords which can easily be shared and often skew analytics because it’s impossible to determine the actual individual using the credentials. This is important because litigation often relies on these audit trails used in the defense of medical identity theft or healthcare fraud claims.

Conclusion

Participation in portals and the use of mHealth and other mobile apps to access PHI is a key catayst to increase patient engagement in healthcare. Patients must have the confidence in their healthcare provider that their PHI is easily accessible and protected with the strongest authentication security on the market that ensures their privacy and safety. User names and passwords are no longer sufficient authentication credentials to meet the expanding need to offer a more flexible, scalable, and more secure identification technology for mHealth apps and patient portals.

Equally important is protecting clinician access to sensitive PHI data. Protocols must be implemented that abandon user names and passwords in favor of technologies such as biometrics that are more secure, less susecptible to being stolen or shared, and leave a concrete PHI data access audit trail. 

Have questions about the use of biometrics for patient identification in healthcare? Feel free to leave a comment or question below. 

 

 

 

RightPatient-is-hygienic-for-patient-identification-in-healthcare

Iris Recognition Offers Non-Contact, Hygienic Individual Identification

RightPatient-is-hygienic-for-patient-identification-in-healthcare

The following guest post was written by Brian Bilia, Enterprise Sales Consultant with RightPatient®

More Schools Using Non-Contact Biometrics for Individual Identification

In case you missed it, this week Virginia Commonwealth University announced the implementation of iris recognition in their on-campus dining halls for student identification. In addition to presenting a safer and more secure way to identify students the deployment according to the article, the initiative is designed to be:

“…helpful for students who forget or lose their IDs over the weekend, as there is not a way to get a replacement card over the weekend.” (USA Today, “New iris cameras at Va. school scan students’ eyes for entry into dining hall” http://usat.ly/1L4cbWb)

RightPatient-is-hygienic-for-patient-identification-in-healthcare

If schools adopt iris biometrics for student ID based on it’s non-contact, hygienic form factor, shouldn’t the healthcare industry offer the same protection to patients?

The article goes on to report that one of the main reasons Virginia Commonwealth and another schools chose to deploy iris recognition was because of its non-contact, hygienic feature:

“VCU is following in the steps of other schools — including George Mason University — which introduced the eye scanning system last year. Both schools opted for the this non-contact form of biometric technology — as opposed to a fingerprint scanner — because it is less invasive and won’t spread germs.” (USA Today, “New iris cameras at Va. school scan students’ eyes for entry into dining hall” http://usat.ly/1L4cbWb)

Essentially, hygiene played a critical role in determining which biometric modality the school would use for student identification. Due to the fact that iris recognition does not require physical contact with a biometric device, it presents one of the most hygienic hardware options available, keeping end users safe from the spread of germs and illness that could otherwise be a risk when using a contact dependent modality such as fingerprint or palm vein recognition. The fact that schools continue to adopt iris recognition for identification due to it’s hygienic, non-contact features begs the question — shouldn’t hospitals adopting biometric patient identification tools be investigating non-contact biometric modalities too?

Non-Contact, Hygienic Biometric Patient ID in Healthcare

In the healthcare industry, patient safety is the #1 priority. Rising conscientiousness about new strategies to keep patients safe rise combined with the explosion of digital health tools has pushed hospitals to re-assess hospital acquired condition (HAC) control policies and implement new platforms and monitoring programs that provide a safer and more hygienic environment for patient care. In addition, new policies by Medicare now penalize hospitals with high HAC rates raising the level of urgency to adopt digital health tools that support hospital infection control policies.

In lockstep with the urgency to increase patient safety in any possible way, hospitals and healthcare organizations are quickly catching on to the benefits of using biometrics for patient identification as a means to increase patient safety but what they are also discovering is that not all biometric hardware modalities have the ability to offer a non-contact, hygienic experience. Biometric hardware that requires physical contact by a patient can be interpreted as non-hygienic and raises the risk of HAC’s if the device is not properly sanitized after each use. Even when properly sanitized, these devices still pose a threat to patient safety due to the fact that cleaning agents do not have the ability to remove 100% of germs or bacteria.

Upon further research, healthcare entities learn that using iris recognition for patient identification in healthcare offers the use of an iris camera that a patient does not touch, helping to support hospital infection control policies and ensure that no one is susceptible to germs or bacteria that could cause an infection or illness. 

Patient Acceptance is Key

Despite the advantages of using iris recognition for patient ID in healthcare, certain stigmas exist about this technology that may make a healthcare organization hesitant to adopt. Many feel that iris recognition is too invasive and beams visible light into a patient’s eyes to determine their identity. In reality, iris recognition is often confused with retinal scanning which does use visible light for identification. Iris recognition instead uses camera technology with subtle infrared illumination to acquire images of the detail-rich, intricate structures of the iris. It’s 100% safe, and our field research has proven that patients are overwhelmingly accepting of using iris recognition for identification when presented with the option to protect them from duplicate medical records, fraud, and medical ID theft. 

Plus, iris recognition for patient ID offers other benefits such as the ability to identify unconscious or unknown patients and is built on one-to-many matching, the only true way to prevent duplicate medical records and medical identity theft in healthcare. 

Conclusion

Iris recognition has proven to be one of the most popular biometric modalities for individual identification for a number of reasons, including it’s non-contact, hygienic form factor that protects end users from germs and bacteria that otherwise exist on alternative biometric hardware devices. Hygiene has a rising influence in determining which hardware modality is utilized in  biometric identification management projects, and the advantages of using iris recognition biometrics has positioned the technology for strong adoption growth in the years to come.

How important is hygiene to you when selecting a biometric hardware modality?

biometric patient identification using iris recognition

Brian joined RightPatient in July 2015 as Enterprise Sales Consultant for the Midwest Region. Prior to RightPatient, Brian held several roles in sales management and new business development achieving over 15 years of experience working with the healthcare/hospital industry. 

biometric patient identification systems should offer multiple modalities

Why We Offer a Choice of Hardware Modalities for Biometric Patient ID

biometric patient identification systems should offer multiple modalities
Why We Offer a Choice of Hardware Modalities for Biometric Patient ID

Understanding the value of using a biometric patient identification solution that offers a choice of multiple biometric modalities is key to a better understanding of how this technology can truly increase patient safety in healthcare.

The following guest post was written by David Cuberos, Enterprise Sales Consultant with RightPatient®

On many occasions throughout the course of conversations with different hospitals and healthcare systems, the question of which biometric modality to deploy for a biometric patient identification management project always surfaces. After all, choosing which biometric hardware modality to deploy is a critical factor for patient acceptance and efficient system performance – metrics that have a significant impact on the success and return on investment (ROI) of the initiative. More often than not when our customers and community get an in depth look at the variety of biometric hardware modalities we offer compared to other alternatives, they are curious about why we would support multiple devices instead of just one, and what the pros and cons are of each. The answer uncovers an important, but not frequently discussed attribute of biometric patient identification solutions that hospitals and healthcare organizations should be aware of.

Experience in Biometrics and Health System Integration Matters

The origins of RightPatient®’s biometric matching technology trace back 13 years through the experience and global track record of managing both small and large scale biometric identification management projects in many different industries by our parent company M2SYS Technology. As a proven innovator and expert in biometric matching technology, our experience has taught us that the success of these initiatives is largely dependent on ensuring that the biometric modality used matches the unique needs of our end users, offers the flexibility to change or add a modality in the future, has the ability to be customized prior to launch, and is easily scaled up as the deployment grows. 

Experience in managing biometric identification management projects has also taught us the importance of using human factor engineering as part of our system design process based on understanding what makes a task easy for hospital staff and what makes it hard in order to ultimately develop biometric tools that would support healthcare organization goals.  Deployments became more about identifying solutions that would cut down on “human error” and providing biometric hardware and software systems that fit employee need and workflow and less about deploying a solution that used the most popular and well known technology and relied on traditional conventions.

Ergonomics have become more influential in biometric patient ID system design, and training curriculum was refined to reflect the sources of expert performance, and how hospital staff acquire expertise in working with biometric identity systems. And perhaps most importantly, biometric deployments based on human factor engineering are designed to make systems more resilient in the face of shifting demands.   

Hardware diversity, patient identification mobility, and back end databases that use certain biometric matching types are the only way that hospitals will be able to reach pre-deployment defined goals of eliminating duplicate medical records/overlays, preventing medical ID theft/fraud, and increasing patient safety. The biometric hardware chosen for a deployment has a direct effect on achieving these goals which is why it becomes a critical decision in the overall project scope.

The Problem of “Locking In” to One Biometric Modality System Platform

Biometric vendors who only offer a choice of deploying one biometric modality system for a patient ID initiative are hamstrung by the limitations of the device manufacturer. In other words, they “lock” you into using one biometric modality system that inhibits the ability to expand a deployment to meet the new realities of identifying patients in healthcare – biometric patient ID systems must now be able to offer patient identification at new touchpoints along the care continuum (e.g. – smart mobile devices, patient portals, and telehealth) and not just accurate ID at the point of service. Biometric patient ID systems that rely on one biometric modality can’t offer this flexibility because they can’t identify patients in these scenarios and often times, hospitals who deploy these solutions must either make another investment in a system that does have this capability, or risk not addressing how to offer accurate patient identification for the aforementioned new patient touchpoints – a risk that could have extremely negative repercussions should a patient be mis-identified or a clinician misses key patient health data missing from their medical record.

Deploying a biometric patient authentication system that offers a variety of modalities is the only way a hospital can meet the increasing complications of ensuring accurate identification along the care continuum at new touchpoints, using voice or facial recognition biometrics for smart mobile devices as an example. Absent of this flexibility, hospitals and healthcare organizations are running the risk of non-authorized individuals accessing sensitive personal health information (PHI), or medical information not being attributed to the proper records which is a direct threat to patient safety and an extreme liability.

The ability to establish and maintain patient data integrity is also called into question when locking into a single biometric modality system. The holy grail of patient data integrity is to achieve 100% accuracy, cleanse a master patient index (MPI) of any duplicate medical records/overlays, and then have the ability to maintain that level of integrity as the database grows. Since single biometric modality systems do not have the ability to address accurate patient identification at all touchpoints along the care continuum, hospitals and healthcare organizations run the risk that a care event will either be administered to the incorrect patient, or medical data could be accessed and stolen by an unauthorized individual. Deploying multiple biometric modalities such as facial and voice recognition to address accurate patient ID at ALL touchpoints is the only way that true patient data integrity can be established and maintained. 

Conclusion

As the biometric identification management industry continues it’s rapid pace of evolution and expansion parallel to the evolution and expansion of new patient touchpoints to access medical data and services, hospitals and healthcare organizations should be thinking of deploying a solution that leverages multiple modalities that can accurately identify patients no matter where they are. The only way to accomplish this is the use of a biometric patient ID solution that offers a choice of modalities and a high degree of flexibility for deployment to address various patient touchpoints along the care continuum.

Don’t fall into the trap that a one biometric modality system will be sufficient to ensure accurate patient ID and a high level of patient data integrity across the care continuum. Learn more about how a choice of biometric hardware modalities for patient identification in healthcare is a smarter investment that will truly help hospitals and healthcare organizations achieve the goals that measure the success of the initiative.

Partnering with a vendor that has deep experience in biometric identification management technology, a strong track record of healthcare system integration experience, and a history of innovation is the only way to achieve the results you expect.

What patient ID challenges have you experienced that were solved by the use of multiple biometric modalities? Please share your comments below.

biometric patient identification prevents duplicate medical recordsDavid Cuberos is an Enterprise Sales Consultant with RightPatient® helping hospitals and healthcare organizations realize the benefits of implementing biometrics for patient identification to; increase patient safety, eliminate duplicate medical records and overlays, and prevent medical identity theft and healthcare fraud.

RightPatient-is-the-right-solution-for-accurate-patient-identification

Biometric Patient Identification Implementation Should Be Higher On The Priority List

RightPatient-is-the-right-solution-for-accurate-patient-identification

The following post was submitted by Brad Marshall, Enterprise Development Consultant with RightPatient®

As someone with a long track record of implementing enterprise IT solutions in healthcare, I frequently observe hospitals “shuffling the project deck” as they compare and contrast the merits and return on investment (ROI) of each initiative in order to determine which makes the most sense to allocate budget dollars. Does politics at times play a part in the decision of which technology projects eventually get approved? Yes, at times. Are there often misinterpretations of the value that an enterprise IT project can offer in both the short and long term? Absolutely. Do hospitals often place a high priority on implementing projects that in reality, should be pushed further down the list in lieu of the value that another project brings to the table? Definitely.

RightPatient-is-the-right-solution-for-accurate-patient-identification

Are healthcare organizations evaluating the proper criteria to prioritize enterprise IT Projects?

Case in point: the implementation of biometrics for patient identification in healthcare. Although I am obviously biased towards this technology since I work for a company that has helped many hospitals throughout the world see the benefits of using it to increase patient safety, prevent duplicates and overlays, and protect patients from medical identity theft and fraud, it doesn’t alter the facts about how implementing biometrics before making a commitment to other competing enterprise software projects is something more healthcare organizations should consider. Why? Let’s look at some specific examples of alternate enterprise project implementations that would actually benefit and see performance improvements if a biometric patient identification project deployment took preference:

1. EHR Projects – Although the implementation or “switch” to another EHR vendor is perhaps one of the most complicated, time consuming, and resource-intensive enterprise software projects a healthcare organization will ever undertake, the implementation of a biometric patient identification system prior to embarking on an EHR project is a smart idea. Why?

Our experience has shown that there is always an uptick in duplicate medical records when you are initially implementing or switching to a new EHR system, primarily because staff are adjusting to new workflows and are less likely to catch duplicates the first few months. Since duplicate medical records present a direct threat to patient safety and a serious treatment error risk to healthcare organizations, their prevention should be priority #1 for any modern EHR system. 

I am not necessarily advocating the push for budget dollar allocation to biometric patient identification over an EHR project, however implementing a biometric patient identification solution before an EHR Go Live will make it more successful by immediately eliminating the possibility of creating duplicate medical records and overlays and prevent staff from making registration and patient identification mistakes while learning the new system.

2. Duplicate Medical Record “Clean-Up” –  Often times, I run across hospitals that may be evaluating the implementation of a “duplicate medical record clean-up” project prior to deploying biometrcis for patient identification. Without discounting the importance of purging duplicate medical records from any EHR database, the argument for why hospitals should consider the use of biometrics for patient identification is clear — healthcare organizations will successfully perform a “de-duplication” cleanup but continue creating duplicates until they implement stronger patient ID technology and will most likely have to do another cleanup down the road. 

Keep in mind that it only takes one – ONE – mistreatment at the hands of incorrect, missing, or incomplete medical data due to duplicates or overlays to result in harm, or possibly even death of a patient. Ask yourself, are you willing to assume the risk of medical errors to patients and the repercussions (which often can include hundreds of thousands, even millions of dollars in legal fees and compensation) of these errors for the short term gain of a “clean” master patient index (MPI)? Chances are, you aren’t willing to take that risk which leads to a stronger argument to implement biometrics for patient ID prior to launching a duplicate medical record clean-up initiative.

3. Big Data and Analytics – These are project priorities that perhaps perplex me the most, especially in the context of establishing higher data integrity when preparing to join a health information exchange (HIE), or as part of a merger that joins separate Integrated Delivery Networks (IDNs).  If a healthcare organization is seeking to allocate budget dollars to initiatives that advance data integrity, that’s good news. No one will argue that the healthcare industry simply has to better understand and find wisdom in the terabytes of data their systems possess to help advance the “triple aim” and deliver higher quality care, especially as more disparate networks are attempting to share data . However, the problem is that allocating budget dollars to these deployments is the quintessential “cart before the horse” mentality.

Instead of placing more emphasis on cleaning existing “dirty” data, healthcare organizations are rushing to the HIE table for fear of losing a seat or appearing indifferent to their patients and the industry wide push on sharing and making health data more accessible. What good is joining a HIE (or merging IDN’s) in the absence of technology that ensures that not only is the data you share clean and all medical data is properly attributed to the correct patient, but also guarantees that the data will STAY clean to give you the confidence that clinicians truly have a complete picture of a patient’s health and medical history when administering care. 

I’m reminded of a story that is a perfect illustration of why implementing biometrics for patient ID should take precedence over many other health IT projects, especially those that address data quality.

Years ago I worked for a local YMCA that had a leaky roof over the gymnasium. Each time it would rain heavily, staff would be scrambling to place buckets around the gym floor that would strategically catch the water leaking from the roof. The leaks would cause event and class cancellations, disrupt workout schedules, and generally leave paying members feeling a bit frustrated. YMCA management then made a decision to replace the aging, wooden gym floor with a new model that was built with a soft rubber substance – a radical new technology that was supposed lower the impact and strain of running on a hardwood surface. They then spent tens of thousands of dollars replacing the floor, and as you may have guessed, the next time a powerful storm came through, it leaked water all over the new gym floor. The irony in this situation of course is that management should have allocated the funding to fix the roof before they had the new floor installed.

As we continue to help the healthcare industry understand the advantages of implementing biometrics for patient identification, we understand that many healthcare organizations are not flush with cash to haphazardly allocate to any enterprise project that comes down the road. There are many mission critical projects that simply take precedence in the broader scope of improving the quality of care. Shouldn’t the deployment of biometrics for patient identification be one of them?

Brad Marshall works for RightPatient - the industry's best biometric patient identification solution.

Brad Marshall is an Enterprise Development Consultant with RightPatient®. With several years of experience implementing both large and small scale biometric patient identification projects in healthcare, Brad works closely with key hospital executives and front line staff to ensure project success.

 

Mhealth-requires-strict-patient-identificaiton-like-RightPatient

UCLA Breach Reinforces Importance to Protect Patient PHI

Mhealth-requires-strict-patient-identificaiton-like-RightPatient

It’s probably unfair to say that the recent UCLA Medical Center data breach that potentially exposed the personal health information (PHI) of 4.5 million patients was a wake up call for the healthcare industry to implement tighter data security protocols. In fact, it wasn’t a wake up call at all.

Healthcare data breaches have proliferated over the last five plus years, and the Health and Human Services (HHS) public “wall of shame” list of healthcare data breaches involving 500 or more individuals is…well….let’s just say a tad crowded. Since HHS began the list in 2009, 1,265 breaches exposing the records of nearly 135 million people have made the list. Ouch. The UCLA data breach isn’t groundbreaking news, it is simply another chapter in the long novel of healthcare data breaches that have placed millions of patients at risk by exposing their PHI and in some cases, social security numbers and personal demographic information. 

Mhealth-requires-strict-patient-identificaiton-like-RightPatient

The recent UCLA data breach is a strong reminder that healthcare organizations should consider the use of biometrics such as facial or voice recognition to protect patient PHI on mobile devices and patient portals.

The UCLA breach also foreshadows rising demand for tighter security protocols to protect PHI from unauthorized access on patient portals, mobile devices, and other new touchpoints. This rise of additional patient touchpoints to access PHI has vaulted establishing tighter security controls into the spotlight beyond traditional means of authentication. History has shown that username/password-based security is inadequate on mobile devices, yet healthcare organizations continue to adopt technology that uses this method to authenticate patients. Considering the high stakes to protect patient PHI, the UCLA data breach wasn’t a wake up call – it moved the needle to protect patient PHI to Defcon 1. 

The HIPAA Privacy Rule mandates that healthcare organizations secure remote access to PHI data as a safeguard for patient privacy and to eliminate data breaches that can lead to fraud and medical identity theft. The introduction of touchpoints such as patient portals and mobile devices changes the dynamic of protecting patient PHI because it demands adopting strategies that include using modern patient identification systems yet many healthcare organizations continue to rely on antiquated security solutions.  

Healthcare organizations must now consider patient identification systems that can address accurate authentication at each and every touchpoint along the care continuum, far beyond simply implementing technology that covers patient ID at office visits. 

Accurate-patient-identification-enhances-PHI-security-RightPatient

Implementing accurate patient identification when accessing PHI from mobile devices and patient portals must balance strong security with convenience and speed, which is why technologies such as facial and voice biometrics are gaining popularity. The use of biometrics to protect patient PHI is a smart investment, especially if healthcare organizations deploy a solution that offers the flexibility to be used during hospital/office visits and on each and every touchpoint a patient now has the ability to utilize as a means to access health data. Biometric patient identification solutions offer stronger security than user names and passwords and have proven to be more efficient and convenient by eliminating the need and frustration to remember multiple login credentials.

As we experience a sharp rise in patient driven interactions within the healthcare system that offer more avenues for criminals and hackers to access PHI, it is critical that healthcare organizations implement modern identification solutions that have the ability to better protect this information. Biometrics to protect patient PHI is quickly gaining attention as a security solution that can serve this need. Although it’s impossible to determine whether or not biometrics could have helped prevent hackers from obtaining access to protected patient PHI in the UCLA data breach, the use of this technology can help to offer a secure layer of protection that can deter hackers from even attempting to try.