Critical Care: The Importance of Stronger Authentication in Health Care
-
Upload
fido-alliance -
Category
Technology
-
view
276 -
download
1
Transcript of Critical Care: The Importance of Stronger Authentication in Health Care
CRITICAL CARE: THE IMPORTANCE OF STRONGER AUTHENTICATION IN HEALTH
CAREFIDO Alliance Webinar
February 25, 2016
All Rights Reserved. FIDO Alliance. Copyright 2016.
All Rights Reserved. FIDO Alliance. Copyright 2016. 2
Today’s Agenda• Welcome!• FIDO in Healthcare: An Update• Brett McDowell, Executive Director, FIDO Alliance
• Why FIDO Matters in Healthcare• Tom Groom, CEO, HealthNexus
• Q&A
Confidential
All Rights Reserved. FIDO Alliance. Copyright 2016. 3
FIDO IN HEALTHCARE: AN UPDATEBrett McDowell
February 25, 2016
The FIDO Alliance is an open industry association of over 250 global member organizations
Physical-to-digital identity
User Management
Authentication
Federation
SingleSign-On
Passwords Risk-BasedStrong
MODERNAUTHENTICATION
FIDO Scope
All Rights Reserved. FIDO Alliance. Copyright 2016. 5
FIDO Alliance Mission
DevelopSpecifications
OperateAdoption Programs
Pursue Formal Standardization
1 2 3
All Rights Reserved. FIDO Alliance. Copyright 2016. 6
All Rights Reserved. FIDO Alliance. Copyright 2016. 7
FIDO in Healthcare• This Week’s News:
• Aetna joins FIDO’s Board of Directors• FIDO & NH-ISAC:
• NH-ISAC is the nation’s Healthcare and Public Health Information Sharing and Analysis Center, responsible for advancing all-hazards (physical and cyber) security national critical infrastructure resilience.
• FIDO & NH-ISAC Implemented a Liaison partnership in Q4 2015, with the aim of collaborating on strong authentication standards and policies
• More to come…:• Various workgroups in FIDO are focused on relevant technical and
policy activities – we’re eager to see greater involvement from healthcare industry!
Confidential
Why FIDO Matters?
HealthcareTom Groom
CEO
February 25, 2016
Agenda
• Cyber Risk in Healthcare• Market Trends• Patient Engagement & Analytics
o Role of Technology in Patient Engagemento Health Care Everywhereo Use of data and analytics in Patient Care
• Why FIDO Matters?• ONC - Federal Health IT Strategic Plan Goals• HIMSS – Congressional Ask• FIDO Enabled Healthcare Use Case
Cyber Risk In Healthcare
Image Source: Keeper Security
Ponemon study estimates that data breaches could be costing the healthcare industry $6 billion a year and healthcare organizations of all sizes are at risk.
Cyber Risk In Healthcare
SURFWATCH CYBER in SIGHT
Market Trends – Patient Engagement and Analytics
Health Care Everywhere
• The location of where care is delivered has moved well beyond health care facilities
• Non-physician care roles are expanding• Patient engagement is increasing through the
use of technology• New care settings bring new challenges in
coordination and access• Interesting stat – 50% of health care will shift
from hospitals and clinics to homes and community over the next decade
Things to consider: Organizations need to establish billing and
tracking protocols to ensure coordination of care activities
Investments will be needed to link and integrate fragmented data
Market Trends – Patient Engagement and Analytics
Use of data and analytics in Patient Care
• Increase use of electronic health records (EHRs) is creating more patient-based insights
• Additional data sources such as medical devices, wearables, and other mHealth applications
• Data and Analytics-Based insights will drive efficiencies• Collecting and analyzing data will be very important –
meaningful metrics and outcomes• Organizational and Operational barriers must be
addressed Who owns the data? Privacy/Content issues? Security (Identity Proofing, Authentication, User
Delegation)
EHR’s
Things to consider: Emphasis on improving data tracking and
linking across disparate sources A focus on longitudinal patient data assets
Why FIDO Matters? – ONC
Federal Health IT Strategic Plan Goals:Goal 1: Advance Person-Centered and Self-Managed HealthGoal 2: Transform Health Care Delivery and Community HealthGoal 3: Foster Research, Scientific Knowledge, and InnovationGoal 4: Enhance Nation's Health IT Infrastructure
The Office of the National Coordinator for Health Information Technology (ONC) is a staff division of the Office of the Secretary, within the U.S. Department of Health and Human Services. ONC leads national health IT efforts, charged as the principal federal entity to coordinate nationwide efforts to implement and use the most advanced health information technology and the electronic exchange of health information.
Why FIDO Matters? – HIMSS Congressional Ask
1. Support Robust Interoperability and Health Information Exchange 2. Expand Access to Teleheath Services for Medicare Beneficiaries 3. Support Healthcare's Efforts to Combat Cyber Threats
Healthcare Information and Management Systems Society (HIMSS) is a not-for-profit organization dedicated to improving healthcare quality, safety, cost-effectiveness, and access, through the best use of information technology and management systems.
Congressional Ask:
Why FIDO Matters? – Healthcare Use Case
Patient Access to Immunization Records
A Use Case
Why FIDO Matters? – Healthcare Use Case
The universal questions:
• Where are my family’s immunization records?• What immunization do I need?• Why can’t there be one place to get your
records?
The Solution: Consumer access to Public Health
Immunization Information Systems (IIS)
Why FIDO Matters? – Healthcare Use Case
Public Health Immunization Information Systems • Contain patient immunizations given by physicians, hospital staff, pharmacists,
employer clinics.• Meaningful use requires providers to report Consumer access is an ACA requirement
Scientific Technologies Corporation’s MyIR• A record of your & your families
immunizations• A forecast of what immunizations are due• A Certified State Immunization Report
(school entry, camps, …)
Why FIDO Matters? – Healthcare Use Case
Today - Authentication & access currently inadequateStep 1: Register on-lineStep 2: Now go to your physician as only they can identity proof you and sign you up.Step 3: Remember your password for access records?
• Identify Proofing: Are you the patient? Who are family members?
• Authentication: Password protected only. • Low uptake• Unhappy users
2016Step 1: Register on-lineStep 2: Identity proof on-lineStep 3: FIDO strong authentication to access
• Increased uptake• Empowered users
Why FIDO Matters? – Healthcare Use Case
SpecificationsUAF & U2F
CertificationsFIDO Certified™
ProductsS3 Suite
PartnershipsOEMS,
Authenticators
Camera
Fingerprint Sensor
Microphone
Secure Execution
Secure Storage
Location
Motion, Heartbeat, etc.M7
Face Recognition
FingerprintRecognition
VoiceRecognition
Why FIDO Matters? – Healthcare Use Case
FIDO Enabled MyIR:• Ensures consumer engagement • Can enable:• Outreach - Alerting and notifications
o Area outbreaks – flu near meo Immunizations due – age appropriate, new vaccines, …o Location of are vaccines – travel, limited supplies
• Add patient data from other health data sourceso Prescriptionso Lab test resultso Patient credentialing e.g. Diabetes awarenesso Chronic disease indicators
Why FIDO Matters? – Healthcare Use Case
Q&A
All Rights Reserved. FIDO Alliance. Copyright 2016. 24Confidential