Biometrics in Healthcare

HIPAA and Beyond

I recently visited a new physician for an annual check–up and found myself amused by the HIPAA privacy compliance process. I was given a one-page document informing me of my rights and my healthcare providers obligations regarding the privacy of my medical records. This appeared to be nothing more than a bureau-speak version of the one line agreement that had always been included at the bottom of any medical personal information form requesting approval for the transfer of medical records between past and future practitioners and insurance companies.

All the HIPAA privacy mania seemed rather overblown as I watched the receptionist photocopy my insurance card then enter some basic personal data into the easily accessible PC on her desk. Paper copies of the insurance card along with the rest of my medical history would then be retained in one of the open filing cabinets surrounding her in the reception area. Wow. Thank heavens for HIPAA. Now I really feel like my healthcare records are safe and secure.

Sarcasm aside, day-to-day operations for most healthcare practitioners have not really changed as HIPAA has gone live. Though that one-page form I signed will now have to be faxed to my previous healthcare provider before they can forward my medical records. Most small physician practices- that have at most closed local networks - will be similarly unaffected. The true complexity and challenge of HIPAA comes into play with larger provider and payer organizations where data is stored and accessed across larger private and public electronic networks.

Subsequently, it has been these larger organizations where biometrics vendors have focused their efforts to secure access to facilities and patient records one organization at a time. This approach is representative of how biometrics vendors view their opportunities within all verticals; point solutions that bridge physical and logical security within a single facility. In the healthcare arena, HIPAA has been the leverage point that has opened the doors for this opportunity.

And while this open door is a genuine opportunity and patient privacy is certainly not a trivial issue, in many ways HIPAA is a distraction from the broader business opportunity at hand. The larger opportunity lies with consideration of overall healthcare market dynamics and how biometrics fit into more comprehensive healthcare IT trends. Two of the most significant and seemingly incongruent drivers are patient safely and cost reduction. The business of healthcare is providing safe, reliable, affordable patient care (in the private sector add profitable). IT projects that address healthcare’s primary business concerns will be more quickly and enthusiastically accepted and adopted. Technology based solutions that also increase convenience for caregivers, patients and payer organizations may even be met with outright enthusiasm. This is the healthcare power play for biometrics. Rather than focus on linking physical and logical security, focus on linking patient safety and cost reduction through increased operational efficiency and convenience.

C. Maxine Most, 2003