Choosing the right biometric system for securing PHI

HIPAA lays special emphasis on conversion of medical records of patient from paper to electronic format and any covered entity failing to protect the patient health data as per HIPAA compliance norms is subject to strict penalties and criminal convictions.

When making health transactions on the internet, it is mandatory for health service entities to provide a very secure access system. Here, biometric technology could be of help as it deploys unique physical and behavioral characteristics like fingerprints, Iris Retina, and signature, keystroke pattern, voice print, respectively which are embedded in system to create a secure and unique identification for each and every user.

When choosing a biometric system, the health care provider should look for these features:

  • It should be easily deployable. The devices should be cost effective and sport user friendly features so that users can easily access the services.
  • The system should allow the service provider to quickly gather the user data and compare it to an accepted benchmark.
  • There should be a provision for a proper training backup on installation, integration and optimization of such devices.
  • High degree of accuracy. The false-acceptance rate (FAR) and false–rejection rate (FJR) used in the biometric measurement standards should balance each other so that the crossover error rate (CER) is less. A lower CER points to higher accuracy in the system.
  • Customized to the environment. In patient admission, nursing, billing and administration fingerprint scan will work well but will fail in the clinics and labs where latex hand gloves are used.
  • The system should support interoperability so that the data from the different biometric devices can be exchanged and compared with each other. This also provides a greater security assurance by integrating two or more different type of devices to create a strong and tamperproof access system.