Biometrics in Healthcare – the Right Place, the Right Time

Across industries, the use of biometrics to verify and authenticate users is growing. Voice biometrics and face recognition technologies have matured rapidly over the last several years and today, successful enterprise deployments and testing by organizations such as NIST demonstrate the accuracy of these solutions for mainstream use.

Financial services companies have been at the forefront of biometric adoption, particularly for new customer onboarding, mobile banking and contactless payments. But, equally compelling use cases are emerging in healthcare as the industry strains to simultaneously respond and transform in the wake of COVID-19.

In this article, we’ll dive into challenges driving the adoption of biometric authentication in healthcare including:

1. Rising cybercrime targeting medical data and services
2. The need to accelerate digital health options – know your patient, anywhere care
3. Touchless access/interactions wherever possible

We’ll also present specific ideas for using biometrics to overcome these challenges and create value for both patients and providers.

Challenge #1:
Rising cybercrime targeting medical data and services 

Healthcare is the new #1 target for cybercrime. Full of valuable data, medical records command higher prices on the dark web, making them a top target for criminals. According to CBS News, patient records can sell for up to $1,000 each.

“The 2019 Healthcare Data Breach Report,” published by HIPAA Journal, found more healthcare records were breached in 2019 than in the six years from 2009 to 2014. And, that was before COVID-19 drove increased demand for telehealth and remote access.

Compromised, weak and reused passwords put patients at risk and are the primary cause of hacking-related breaches.

The Problem with Passwords

• Users have too many to remember
• Forgotten passwords are reset using weak “secret questions” and knowledge-based authentication methods that are simple for social engineers to hack
• Users sacrifice security for convenience
• Compromised credentials are for sale on the dark web
• Correctly entering passwords on mobile is hard – issues are magnified for persons with cognitive, physical (mobility/dexterity), and vision disabilities

Using biometrics in healthcare offers a way to access sensitive information using something that can’t be lost, stolen, shared or forgotten. People sometimes talk about their biometric information being “stolen”, so let’s address that. First, biometric templates are encrypted and should not be stored alongside any personally identifiable information (PII), making the data meaningless in the hands of a criminal. Second,  modern voice and face biometric solutions utilize anti-spoofing technologies to prevent the use of a recording, synthetic voice, photo, video, etc. The technology, called liveness detection, basically makes your captured image or voice useless when trying to login or otherwise validate your identity online – a good thing since our photos (and often our voices) are already easily accessible on social media and other sites!

Following are some ways to approach password replacement:

• Add a biometric to existing password login as a second factor. This will enhance security without adding friction that other two-factor solutions can present. It’s also a way to transition patients (and employees) from passwords to biometric authentication.
• Voice biometrics in particular can be used with nearly any channel – from the contact center to mobile and desktop login to in-office check ins.
• If you have a mobile app, it’s a great place to start. Easily use two biometric modalities, i.e. voice and face, to ensure the highest levels of security while keeping the user experience frictionless.

Challenge #2:
The need to accelerate digital health options – know your patient, anywhere care

A new report by Technavio forecasts the global digital health market to grow by USD 207.34 billion during 2020-2024 – a CAGR of over 20%!  Healthcare providers are faced with fast tracking digital innovations including offering virtual visits, mobile apps and chatbots. While the surge in demand for telehealth and digital access may be driven by the pandemic, experts agree we will see a lasting impact on healthcare.

Unlike visiting a doctor’s office and presenting your photo ID and insurance card in person, proving your identity online is more complicated and more susceptible to fraud. Much like banks have processes to comply with KYC (Know Your Customer) regulations including verifying the identities of digital customers, we should expect similar security processes to be adopted in healthcare. Once a claimed identity is verified through document validation, facial matching, and facial liveness detection, it’s a quick process to enroll patients into using biometrics for convenient and secure access to healthcare portals, mobile apps, secure messaging platforms and other telehealth services.

The possibilities for using biometrics in healthcare to improve security and enhance the user experience are significant.

Here’s an example of what a telehealth app might look like:

• An enrolled patient quickly logs in to the mobile telehealth app using voice biometrics and face biometrics with voice anti-spoofing and passive facial liveness detection – that’s four layers of security and minimal friction.

• The patient clicks to request a virtual appointment. One application enables access to a secure voice, video or messaging consult.

 

• The doctor joins the conversation – with the assurance the patient they are speaking with is who they claim to be. The application can also leverage continuous authentication to ensure security throughout the entirety of the interaction, not just at the start of it.

Challenge #3:
Touchless access/interactions wherever possible

Another lasting effect of the pandemic will be a hyper awareness of what we touch – from keypads to kiosks to access systems. Biometrics including voice and face offer a touchless way to authenticate a person’s identity and enable access to secure locations. In the current environment, biometrics technology in the medical field could help reduce virus spread in clinics, offices, and hospitals.

The use of voice and/or face biometrics in healthcare facilities would eliminate the need for access cards or badges, PIN codes and fingerprint readers. In addition to eliminating the vulnerabilities of using something that can be lost, stolen or shared, we reduce contact with high-traffic surfaces. Staff can keep gloves on and with voice, face masks do not need to be removed. Access to a secure area can be granted simply by using a Wake Up Word such as “TGH, verify me” – similar to waking up Alexa or Siri.

Other use cases for biometrics in healthcare facilities include:

• Fast, touchless check-in for known patients and visitors – New patients can be prompted to enroll voice and or face biometric templates during digital onboarding. Existing patients can quickly enroll through a secure patient portal. Forms and copays can be completed online or in a mobile app prior to visits for improved safety of staff and patients, and more efficiency all around.
• Strong security for staff access to protected substances – reducing drug diversion. According to healthcare software provider Invistics, studies have shown that approximately 10% of pharmacists, nurses and anesthesiologists are currently diverting drugs in their workplaces.

Looking to the future

As biometric adoption increases in healthcare, another advantage will be the ability to more accurately link patients to their electronic medical records (EMRs) for improved care. In a Healthcare IT News article, Ben Moscovitch, project director of health information technology at Pew Charitable Trusts, said “Research has shown that match rates between organizations can be as low as 50 percent, meaning that up to half the time patient records may not be linked when they should be.”

In emergency situations, facial recognition may also help providers quickly identify a patient and access their records. Today, providers often rely on quick registration processes that can lead to inaccurate matches, or no information in the event that a patient is unable to communicate.  And for admitted patients, biometrics offers a faster, more secure, and touchless way to verify patient identities, as well as a more complete picture of medical conditions and medications than ID wristbands.

One thing is for certain, the current challenges and strains facing the healthcare industry will no doubt accelerate innovation that positively impacts both providers and patients.

If you are exploring the use of biometrics in the healthcare space or would like to learn more or discuss the possibilities, we’d love to talk. Contact us!

ARTICLE ORIGINALLY POSTED ON BIOMETRICUPDATE.COM