Mobile phones are making their presence felt in healthcare, where physicians are using them to access health records and health facilities.
Two separate announcements this week highlight new methods for authentication. Imprivata and PhoneFactor have announced a reseller partnership that will merge the former’s OneSign authentication and access management platform with the latter’s phone-based multi-factor authentication service. Meanwhile, HID Global is adding iCLASS digital authentication to Blackberry smartphones using Near Field Communications (NFC) capabilities.
[See also: Mobile apps keep doctors on the go]
The Imprivata-PhoneFactor announcement aids physicians and patients who want access to medical records through their mobile phones. The HID Global announcement focuses on healthcare workers who want to use their smartphones to enter hospitals or log onto restricted-access workstations.
“For our customers, improved clinician satisfaction and productivity result in better patient care,” said Ed Gaudet, chief marketing officer of Lexington, Mass.-based Imprivata. “The joint Imprivata/PhoneFactor solution delivers an excellent method of strong authentication for physicians and nurses who are already accustomed to carrying their phones and need both on-premise and remote access to patient records.”
The joint solution allows users to receive an automated phone call or text message from PhoneFactor when logging into a hospital’s system from a remote location. The user answers the call and presses the ‘#’ sign, or replies to the text message, to authenticate through Imprivata’s OneSign Anywhere platform.
“Patients place a tremendous amount of trust in their healthcare providers and that includes an expectation that practitioners will safeguard their privacy,” said Tim Sutton, CEO of Overland Park, Kan.-based PhoneFactor. “The joint PhoneFactor/Imprivata solution helps healthcare providers meet that expectation by ensuring that only authorized users have access to systems containing patient records. This is critical for regulatory compliance, but perhaps more importantly, is essential to maintaining patient trust.”
“As healthcare delivery organizations extend the reach of their most critical clinical systems to remote locations and mobile devices, the demand for convenient and secure access increases,” said Barry Runyon, vice president of research for industry analyst Gartner. “By combining single sign-on with phone-based strong authentication, particularly out-of-band approaches that mitigate man-in-the-middle and man-in-the browser attacks, healthcare delivery organizations can simplify clinician access to PHI while preventing unauthorized use.”