The password isn’t yet dead, but as healthcare breaches continue to grow and cybersecurity continues to weigh in as a major concern for providers everywhere, new forms of authentication are beginning to rise up, including two-factor authentication methods that often make use of biometrics.
In fact, according to IBM’s “Future of Identity Study” for younger generations, the use of biometrics is even less daunting than the use of passwords, with 75 percent of millennials reporting they are already comfortable using biometrics, but less than half report they are using complex passwords, and more than 40 percent are reusing old passwords.
Meanwhile, 67 percent of respondents say they are comfortable using biometric authentication, and even more are ready to grow into them, with 87 percent of respondents noting they’ll be comfortable with these technologies in the near future.
NorthShore University Taps 2FA for E-Prescriptions
In fact, two-factor authentication has become more necessary in recent years. When the U.S. Drug Enforcement Agency issued a rule in 2010 that allowed electronic prescribing of controlled substances, health systems and software vendors began partnering on solutions that required two-factor authentication for prescribing physicians. One of the first health systems to deploy such a solution was Evanston, Ill.-based NorthShore University HealthSystem.
The four-hospital organization, which employs 970 physicians in its medical group, deployed Imprivata’s Confirm ID — which uses biometric technology (a fingerprint reader) integrated with the electronic health record — via a few small pilots in early 2014, and eventually rolled it out to primary care and specialist offices. By the end of the year, the entire medical group was live on the solution.
“Doctors were excited about this project because it makes their workflow easier and makes things easier for patients,” says Meredith Sefa, NorthShore’s assistant vice president, application services.
Sefa suggests that health IT executives thinking of rolling out similar tools should focus heavily on the clinician experience.
“Besides the obvious questions of ensuring they are following all the DEA requirements, make sure there will be seamless integration with the organization’s EHR for the clinicians,” she says.
To learn more about how providers are boosting security with new authentication solutions, check out the feature article "Healthcare Organizations Boost Efficiency via Identity and Access Management Tools."