Protecting protected health information (PHI) requires vigilance in today’s environment of increased sharing of personal information online. National HealthIT Week (Oct 5-9) highlights the importance of health IT—specifically electronic health records (EHRs) which improve the quality of healthcare delivery, increase patient safety, decrease medical errors, and strengthen the interaction between patients and healthcare providers. Protecting PHI delivered through patient portals or EHRs means knowing who has access to the information.
Patient portals and EHRs provide improved quality of clinical services to patients and lower costs for administrative services. However, there are serious risks associated with unauthorized access to highly sensitive health information, including the potential for medical fraud and identity theft. Assurance that only authorized individuals are accessing, viewing, and updating individually identifiable health information and performing transactions within the online channel creates trust that sensitive health records and related information will not be compromised.
Using strong multifactor authentication helps keep patient information safe from exposure and loss. When strong identity proofing and authentication solutions are used, fraud and data misuse is less likely, easier to detect, and the quality and timeliness of service improves dramatically. Also, knowing that practitioners and patients are who they claim they are before allowing access to PHI helps providers comply with Meaningful Use security requirements for secure exchange of health information.
Healthcare organizations need to implement proven solutions that not only meet current requirements for identity proofing and authentication but also continue to evolve to address ever-changing security and fraud threats and changes in regulations and compliance requirements. These solutions must also provide a positive online experience and only require additional authentication steps when needed. Equifax’s solution for healthcare portals was designed to meet recommendation of National Institute of Standards and Technology (NIST) levels 2 and 3 for identity proofing and authentication and has been approved as an Identity Proofing Component member of a FICAM-approved Trust Framework.