The Smart Card Alliance Healthcare Council is urging the use of two-factor authentication with smart card technology as a way to protect against medical identity theft.
According to a recent Ponemon Institute study, nearly 1.5 million Americans have been victims of medical identity theft with an estimated total cost of $28.6 billion – about $20,000 per victim.
Though recent legislation, such as the American Recovery and Reinvestment Act (ARRA) and the associated provisions under the Health Information Technology for Economic and Clinical Health (HITECH) Act, highlights the need to address privacy and security across the U.S. healthcare system, no controls have been put in place to assure that patient information is always protected, notes the alliance.
"The individuals whose medical identities are stolen have to deal with lingering effects, like erroneous medical expenses, problems with insurance, and incorrect data on their medical records that can lead to potentially fatal medical errors," said Randy Vanderhoof, executive director of the Smart Card Alliance. "To prevent this, patients need an unambiguous way to identify themselves to their healthcare provider when accessing patient records or requesting healthcare services, whether it be in person or over a network."
The Smart Card Alliance Council has published a brief that explains how two-factor authentication with smart cards can accomplish this.
In "Medical Identity Theft in Healthcare," the council describes how two-factor authentication with smart card technology allows patients and providers to securely access personal health information. Smart card technology is a proven technology, already used in U.S. electronic passports, and in the U.S. federal government's employee ID cards that are used to access the nation's most secure computer networks and facilities, the council notes. The technology includes a tamper-resistant chip with security software that can be embedded into a card, token or mobile device (like a mobile phone).
As the council is composed of industry professionals from all parts of the healthcare sector, it has a unique perspective on the issues facing the industry, said Paul Contino, vice president of information technology at Mount Sinai Medical Center and chairman of the Smart Card Alliance Healthcare Council.
"This is especially important as healthcare moves quickly toward electronic records, and ready solutions are needed to address the security and privacy challenges ahead," Contino said.
