Alliance Outlines Need For Smart Card-Based Healthcare Identity Management Infrastructure Leveraging Existing Federal Standards -- Security Today

Alliance Outlines Need For Smart Card-Based Healthcare Identity Management Infrastructure Leveraging Existing Federal Standards

Oct 09, 2009

Government policy makers and healthcare stakeholders looking to establish electronic medical records (EMRs) to improve the U.S. healthcare system should look first to defining the identity management infrastructure for securely identifying patients, medical providers and anyone else handling the records, stated the Smart Card Alliance Healthcare and Identity Councils in a position paper issued recently. To this end, the Councils recommend the use of existing federal standards for smart cards to create a trusted identity management infrastructure.

The passing of the American Recovery and Reinvestment Act of 2009 (ARRA) and HITECH Act gave impetus for the Smart Card Alliance to create the paper to elevate the discussion about identity management before the federal government begins to invest over $19 billion in healthcare information technology. This investment will provide significant incentives for healthcare providers to implement EMR systems over the next five years. The Alliance argues that these plans that emphasize electronic health record exchange are putting the cart before the horse, and effective identity management is needed first.

“As we move away from paper-based medical records that are controlled by physical access to buildings, rooms, and files, we need to have a healthcare infrastructure that supports strong identity and security controls,” said Paul Contino, chair of the Smart Card Alliance Healthcare Council and vice president of information technology with Mount Sinai Medical Center “The issues with establishing identity are compounded as electronic medical records are used by many different organizations at the regional, state, and national levels. There must be a way to uniquely and securely authenticate each person across the healthcare infrastructure, whether that interaction is in person or over the Internet.”

The Smart Card Alliance paper discusses the current challenges facing the healthcare IT infrastructure and details why smart cards provide the most cost efficient, secure, and user-accepted method for solving the healthcare identity management problem. It also explains how smart card technology can help make the critical capabilities needed in the healthcare infrastructure both possible and cost-effective. It can also provide an ideal way to achieve HIPAA compliance and meet the more stringent regulatory requirements of ARRA / HITECH.

“The lack of consistent and uniform identity management is at the root of the challenges faced by the healthcare industry today -- lowering administrative costs, preventing medical identity theft and fraud, protecting patient privacy, and enabling healthcare data exchanges. In fact, of the 195,000 deaths in the United States that occur annually due to medical errors, 60 percent of those were because of failure to correctly identify the patient,” said Randy Vanderhoof, executive director of the Smart Card Alliance. “Creating a healthcare identity management infrastructure based on smart card technology directly addresses these problems because it enables the ability to properly identify patients and healthcare providers, match healthcare records, and identify individuals and healthcare providers that have authorized access to them.”

In addition to the use of smart cards, the Healthcare and Identity Councils advise the healthcare industry to take the opportunity to leverage and build upon existing federal initiatives and standards, such as the NIST Federal Information Processing Standard (FIPS) 201 and the Personal Identity Verification (PIV) card, which are already in use by numerous government agencies. These existing standards are proven technology solutions and an established set of best practices for smart card-based identity management and authentication that can be adapted to healthcare.

“NIST standards, and the Federal Identity, Credential, and Access Management (F/ICAM) committee vision and framework on identity management provide the foundation for the healthcare industry to jump-start the definition of a national healthcare identity management infrastructure and provide a proven model for interoperability across multiple organizations,” Vanderhoof said

Security LeadHER Opens Call for Speakers and Registration for 2025 Event
01/24/2025
Stronger Together: Stone Security, BearCom Team Up
01/23/2025
Genetec Named One of Canadas 2025 Top Employers for Young People
01/22/2025
MediaStorm and HID Partner to Transform the Workplace Experience with Employee Badge in Apple Wallet
01/21/2025
Napco’s Continental Enterprise Controllers Now Integrated with LifeSafety Power
01/21/2025
NAPCO Promotes Peter Lowenstein to Head Napco Access
01/16/2025
i-PRO Shares Key Predictions for the Physical Security Market in 2025
01/14/2025
Snap One Adds New Luma 4K Hybrid Surveillance Cameras to X20 Portfolio
01/14/2025

Featured

Hot AI Chatbot DeepSeek Comes Loaded With Privacy, Data Security Concerns

In the artificial intelligence race powered by American companies like OpenAI and Google, a new Chinese rival is upending the market—even with the possible privacy and data security issues. Read Now
- Artificial Intelligence
- Cybersecurity
Survey: CISOs Increasing Budgets for Crisis Simulations in 2025

Today, Cyber Performance Center, Hack The Box, released new data showcasing the perspectives of Chief Information Security Officers (CISOs) towards cyber preparedness in 2025. In the aftermath of 2024’s high-profile cybersecurity incidents, including NHS, CrowdStrike, TfL, 23andMe, and Cencora, CISOs are reassessing their organization’s readiness to manage a potential “chaos” of a full-scale cyber crisis. Read Now
- Cybersecurity
Human Risk Management: A Silver Bullet for Effective Security Awareness Training

You would think in a world where cybersecurity breaches are frequently in the news, that it wouldn’t require much to convince CEOs and C-suite leaders of the value and importance of security awareness training (SAT). Unfortunately, that’s not always the case. Read Now
- Cybersecurity
Windsor Port Authority Strengthens U.S.-Canada Border Waterway Safety, Security

Windsor Port Authority, one of just 17 national ports created by the 1999 Canada Marine Act, has enhanced waterway safety and security across its jurisdiction on the U.S.-Canada border with state-of-the-art cameras from Axis Communications. These cameras, combined with radar solutions from Accipiter Radar Technologies Inc., provide the port with the visibility needed to prevent collisions, better detect illegal activity, and save lives along the river. Read Now
- Government

Security Today eNews

Sign up today for essential industry news and product information that can help you stay afloat in the fast-paced world of security.

Email Address*Country*

Please type the letters/numbers you see above.

Webinars

SparkCognition

How Visual AI Is Transforming the Conventional School Safety Model
Hanwha Vision (formerly Hanwha Techwin), Arcules, Digital Watchdog, Salient Systems, Evolv Technology

AI is Changing Security
Hanwha Techwin, Salient Systems, Evolv Technology, Omnilert, Eagle Eye Networks Inc, Traka ASSA ABLOY, i-PRO Americas Inc., Digital Watchdog, IPVideo Corporation, ProdataKey

Exploring Multiple Facets of Campus Security Summit
Enhancing Campus Safety: Practical Approaches to Advanced Firearm Detection Technology
HID Global

Unlock the Potential: Why Make the Shift to Mobile Credentials

Whitepapers

Axis Communications, Inc.

Increasing the likelihood of a successful school grant application leveraging the PASS guidelines
Salient Systems

A Model for Community Security
Genetec

State of Physical Security 2025
Winsted Corporation

Sit/Stand Consoles: Helping Increase Productivity
BriefCam

The ROI of Video Analytics

New Products

Camden CV-7600 High Security Card Readers

Camden Door Controls has relaunched its CV-7600 card readers in response to growing market demand for a more secure alternative to standard proximity credentials that can be easily cloned. CV-7600 readers support MIFARE DESFire EV1 & EV2 encryption technology credentials, making them virtually clone-proof and highly secure. 3
Compact IP Video Intercom

Viking’s X-205 Series of intercoms provide HD IP video and two-way voice communication - all wrapped up in an attractive compact chassis. 3
Camden CM-221 Series Switches

Camden Door Controls is pleased to announce that, in response to soaring customer demand, it has expanded its range of ValueWave™ no-touch switches to include a narrow (slimline) version with manual override. This override button is designed to provide additional assurance that the request to exit switch will open a door, even if the no-touch sensor fails to operate. This new slimline switch also features a heavy gauge stainless steel faceplate, a red/green illuminated light ring, and is IP65 rated, making it ideal for indoor or outdoor use as part of an automatic door or access control system. ValueWave™ no-touch switches are designed for easy installation and trouble-free service in high traffic applications. In addition to this narrow version, the CM-221 & CM-222 Series switches are available in a range of other models with single and double gang heavy-gauge stainless steel faceplates and include illuminated light rings. 3