Download - Critical Care: The Importance of Stronger Authentication in Health Care

CRITICAL CARE: THE IMPORTANCE OF STRONGER AUTHENTICATION IN HEALTH

CAREFIDO Alliance Webinar

February 25, 2016

All Rights Reserved. FIDO Alliance. Copyright 2016.

All Rights Reserved. FIDO Alliance. Copyright 2016. 2

Today’s Agenda• Welcome!• FIDO in Healthcare: An Update• Brett McDowell, Executive Director, FIDO Alliance

• Why FIDO Matters in Healthcare• Tom Groom, CEO, HealthNexus

• Q&A

Confidential


FIDO IN HEALTHCARE: AN UPDATEBrett McDowell

February 25, 2016

The FIDO Alliance is an open industry association of over 250 global member organizations

Physical-to-digital identity

User Management

Authentication

Federation

SingleSign-On

Passwords Risk-BasedStrong

MODERNAUTHENTICATION

FIDO Scope


FIDO Alliance Mission

DevelopSpecifications

OperateAdoption Programs

Pursue Formal Standardization

1 2 3



FIDO in Healthcare• This Week’s News:

• Aetna joins FIDO’s Board of Directors• FIDO & NH-ISAC:

• NH-ISAC is the nation’s Healthcare and Public Health Information Sharing and Analysis Center, responsible for advancing all-hazards (physical and cyber) security national critical infrastructure resilience.

• FIDO & NH-ISAC Implemented a Liaison partnership in Q4 2015, with the aim of collaborating on strong authentication standards and policies

• More to come…:• Various workgroups in FIDO are focused on relevant technical and

policy activities – we’re eager to see greater involvement from healthcare industry!

Confidential

Why FIDO Matters?

HealthcareTom Groom

CEO

February 25, 2016

Agenda

• Cyber Risk in Healthcare• Market Trends• Patient Engagement & Analytics

o Role of Technology in Patient Engagemento Health Care Everywhereo Use of data and analytics in Patient Care

• Why FIDO Matters?• ONC - Federal Health IT Strategic Plan Goals• HIMSS – Congressional Ask• FIDO Enabled Healthcare Use Case

Cyber Risk In Healthcare

Image Source: Keeper Security

Ponemon study estimates that data breaches could be costing the healthcare industry $6 billion a year and healthcare organizations of all sizes are at risk.

Cyber Risk In Healthcare

SURFWATCH CYBER in SIGHT

Market Trends – Patient Engagement and Analytics

Health Care Everywhere

• The location of where care is delivered has moved well beyond health care facilities

• Non-physician care roles are expanding• Patient engagement is increasing through the

use of technology• New care settings bring new challenges in

coordination and access• Interesting stat – 50% of health care will shift

from hospitals and clinics to homes and community over the next decade

Things to consider: Organizations need to establish billing and

tracking protocols to ensure coordination of care activities

Investments will be needed to link and integrate fragmented data

Market Trends – Patient Engagement and Analytics

Use of data and analytics in Patient Care

• Increase use of electronic health records (EHRs) is creating more patient-based insights

• Additional data sources such as medical devices, wearables, and other mHealth applications

• Data and Analytics-Based insights will drive efficiencies• Collecting and analyzing data will be very important –

meaningful metrics and outcomes• Organizational and Operational barriers must be

addressed Who owns the data? Privacy/Content issues? Security (Identity Proofing, Authentication, User

Delegation)

EHR’s

Things to consider: Emphasis on improving data tracking and

linking across disparate sources A focus on longitudinal patient data assets

Why FIDO Matters? – ONC

Federal Health IT Strategic Plan Goals:Goal 1: Advance Person-Centered and Self-Managed HealthGoal 2: Transform Health Care Delivery and Community HealthGoal 3: Foster Research, Scientific Knowledge, and InnovationGoal 4: Enhance Nation's Health IT Infrastructure

The Office of the National Coordinator for Health Information Technology (ONC) is a staff division of the Office of the Secretary, within the U.S. Department of Health and Human Services. ONC leads national health IT efforts, charged as the principal federal entity to coordinate nationwide efforts to implement and use the most advanced health information technology and the electronic exchange of health information.

Why FIDO Matters? – HIMSS Congressional Ask

1. Support Robust Interoperability and Health Information Exchange 2. Expand Access to Teleheath Services for Medicare Beneficiaries 3. Support Healthcare's Efforts to Combat Cyber Threats

Healthcare Information and Management Systems Society (HIMSS) is a not-for-profit organization dedicated to improving healthcare quality, safety, cost-effectiveness, and access, through the best use of information technology and management systems.

Congressional Ask:

Why FIDO Matters? – Healthcare Use Case

Patient Access to Immunization Records

A Use Case


The universal questions:

• Where are my family’s immunization records?• What immunization do I need?• Why can’t there be one place to get your

records?

The Solution: Consumer access to Public Health

Immunization Information Systems (IIS)


Public Health Immunization Information Systems • Contain patient immunizations given by physicians, hospital staff, pharmacists,

employer clinics.• Meaningful use requires providers to report Consumer access is an ACA requirement

Scientific Technologies Corporation’s MyIR• A record of your & your families

immunizations• A forecast of what immunizations are due• A Certified State Immunization Report

(school entry, camps, …)


Today - Authentication & access currently inadequateStep 1: Register on-lineStep 2: Now go to your physician as only they can identity proof you and sign you up.Step 3: Remember your password for access records?

• Identify Proofing: Are you the patient? Who are family members?

• Authentication: Password protected only. • Low uptake• Unhappy users

2016Step 1: Register on-lineStep 2: Identity proof on-lineStep 3: FIDO strong authentication to access

• Increased uptake• Empowered users


SpecificationsUAF & U2F

CertificationsFIDO Certified™

ProductsS3 Suite

PartnershipsOEMS,

Authenticators

Camera

Fingerprint Sensor

Microphone

Secure Execution

Secure Storage

Location

Motion, Heartbeat, etc.M7

Face Recognition

FingerprintRecognition

VoiceRecognition

FIDO Enabled MyIR:• Ensures consumer engagement • Can enable:• Outreach - Alerting and notifications

o Area outbreaks – flu near meo Immunizations due – age appropriate, new vaccines, …o Location of are vaccines – travel, limited supplies

• Add patient data from other health data sourceso Prescriptionso Lab test resultso Patient credentialing e.g. Diabetes awarenesso Chronic disease indicators


Tom GroomCEO

HealthNexus(651) 269-2323

[email protected]

Thank You

http://www.healthnexuscorp.com/