Alliance Outlines Need For Smart Card-Based Healthcare Identity Management Infrastructure Leveraging Existing Federal Standards -- Security Today

Alliance Outlines Need For Smart Card-Based Healthcare Identity Management Infrastructure Leveraging Existing Federal Standards

Oct 09, 2009

Government policy makers and healthcare stakeholders looking to establish electronic medical records (EMRs) to improve the U.S. healthcare system should look first to defining the identity management infrastructure for securely identifying patients, medical providers and anyone else handling the records, stated the Smart Card Alliance Healthcare and Identity Councils in a position paper issued recently. To this end, the Councils recommend the use of existing federal standards for smart cards to create a trusted identity management infrastructure.

The passing of the American Recovery and Reinvestment Act of 2009 (ARRA) and HITECH Act gave impetus for the Smart Card Alliance to create the paper to elevate the discussion about identity management before the federal government begins to invest over $19 billion in healthcare information technology. This investment will provide significant incentives for healthcare providers to implement EMR systems over the next five years. The Alliance argues that these plans that emphasize electronic health record exchange are putting the cart before the horse, and effective identity management is needed first.

“As we move away from paper-based medical records that are controlled by physical access to buildings, rooms, and files, we need to have a healthcare infrastructure that supports strong identity and security controls,” said Paul Contino, chair of the Smart Card Alliance Healthcare Council and vice president of information technology with Mount Sinai Medical Center “The issues with establishing identity are compounded as electronic medical records are used by many different organizations at the regional, state, and national levels. There must be a way to uniquely and securely authenticate each person across the healthcare infrastructure, whether that interaction is in person or over the Internet.”

The Smart Card Alliance paper discusses the current challenges facing the healthcare IT infrastructure and details why smart cards provide the most cost efficient, secure, and user-accepted method for solving the healthcare identity management problem. It also explains how smart card technology can help make the critical capabilities needed in the healthcare infrastructure both possible and cost-effective. It can also provide an ideal way to achieve HIPAA compliance and meet the more stringent regulatory requirements of ARRA / HITECH.

“The lack of consistent and uniform identity management is at the root of the challenges faced by the healthcare industry today -- lowering administrative costs, preventing medical identity theft and fraud, protecting patient privacy, and enabling healthcare data exchanges. In fact, of the 195,000 deaths in the United States that occur annually due to medical errors, 60 percent of those were because of failure to correctly identify the patient,” said Randy Vanderhoof, executive director of the Smart Card Alliance. “Creating a healthcare identity management infrastructure based on smart card technology directly addresses these problems because it enables the ability to properly identify patients and healthcare providers, match healthcare records, and identify individuals and healthcare providers that have authorized access to them.”

In addition to the use of smart cards, the Healthcare and Identity Councils advise the healthcare industry to take the opportunity to leverage and build upon existing federal initiatives and standards, such as the NIST Federal Information Processing Standard (FIPS) 201 and the Personal Identity Verification (PIV) card, which are already in use by numerous government agencies. These existing standards are proven technology solutions and an established set of best practices for smart card-based identity management and authentication that can be adapted to healthcare.

“NIST standards, and the Federal Identity, Credential, and Access Management (F/ICAM) committee vision and framework on identity management provide the foundation for the healthcare industry to jump-start the definition of a national healthcare identity management infrastructure and provide a proven model for interoperability across multiple organizations,” Vanderhoof said

HID Signs Agreement to Acquire Calmell Group
07/10/2025
HID and ASSA ABLOY Recognized with Renowned Red Dot Award for Innovative Biometric eGate Design
07/09/2025
Security Industry Association Announces Program for 2025 AcceleRISE Conference
07/07/2025
SIA Opens Applications for 2025 Denis R. Hébert Identity Management Scholarship
07/07/2025
Honeywell Makes Strategic Tuck-in Acquisition of Li-ion Tamer
07/01/2025
Defining SASE at the Largest Consumer Electronics Chain in the Nordics
06/26/2025
Elite Interactive Receives Strategic Investment from CIVC Partners
06/26/2025
ProdataKey’s Emergency Response Integrations: Integrated Access Control Made Easy
06/25/2025

Featured

Sustainable Video Solution Delivered for Landmark City of London Office Development

An advanced, end-to-end video solution from IDIS, with a focus on reducing waste and costs, has helped a major office development in the City of London align its security with sustainability objectives. Read Now
- Facility Security
DHS to End ‘Shoes-Off’ Travel Policy

Homeland Security Secretary Kristi Noem announced a new policy today which will allow passengers traveling through domestic airports to keep their shoes on while passing through security screening at TSA checkpoints. Read Now
- Airport Security
AI to Help Resolve Non-Emergency Calls Across Utah and Decrease 911 Caller Wait Times

The Utah Communications Authority (UCA), which oversees the state’s next generation 911 technology services, recently announced that public safety answering points (PSAPs) throughout the state plan to implement Motorola Solutions’ Virtual Response technology to automate the receipt and resolution of 10-digit non-emergency line calls in Utah with the help of AI. Read Now
- Government
Report: 2025 Video Surveillance Market Set to Grow After Small Decline in 2024

Novaira Insights has unveiled its latest report, “World Market for Video Surveillance Hardware and Software – 2025 Edition.” The research indicates that the global market for video surveillance hardware and software experienced a slight decline of 0.3% in 2024. This performance fell short of previous forecasts, primarily due to a significant decrease of 7.8% in the Chinese market. Conversely, the rest of the world saw a growth of 4.9%. The global market for video surveillance equipment was estimated to be worth $25.0 billion in 2024. Read Now
- Video Surveillance
Report Reveals Local Governments Face Surge in Ransomware Attacks with Minimal Resources

KnowBe4, the cybersecurity platform that comprehensively addresses human risk management, recently released new research highlighting the critical cybersecurity challenges facing state, local, tribal, and territorial (SLTT) governments. The report details how government organizations have become prime targets for cybercriminals while simultaneously facing severe resource constraints. Read Now
- Government

Security Today eNews

Sign up today for essential industry news and product information that can help you stay afloat in the fast-paced world of security.

Email Address*Country*

Please type the letters/numbers you see above.

Webinars

Whitepapers

New Products

ResponderLink

Shooter Detection Systems (SDS), an Alarm.com company and a global leader in gunshot detection solutions, has introduced ResponderLink, a groundbreaking new 911 notification service for gunshot events. ResponderLink completes the circle from detection to 911 notification to first responder awareness, giving law enforcement enhanced situational intelligence they urgently need to save lives. Integrating SDS’s proven gunshot detection system with Noonlight’s SendPolice platform, ResponderLink is the first solution to automatically deliver real-time gunshot detection data to 911 call centers and first responders. When shots are detected, the 911 dispatching center, also known as the Public Safety Answering Point or PSAP, is contacted based on the gunfire location, enabling faster initiation of life-saving emergency protocols.
Automatic Systems V07

Automatic Systems, an industry-leading manufacturer of pedestrian and vehicle secure entrance control access systems, is pleased to announce the release of its groundbreaking V07 software. The V07 software update is designed specifically to address cybersecurity concerns and will ensure the integrity and confidentiality of Automatic Systems applications. With the new V07 software, updates will be delivered by means of an encrypted file.
Unified VMS

AxxonSoft introduces version 2.0 of the Axxon One VMS. The new release features integrations with various physical security systems, making Axxon One a unified VMS. Other enhancements include new AI video analytics and intelligent search functions, hardened cybersecurity, usability and performance improvements, and expanded cloud capabilities