Biometrics in healthcare: Improved safety and privacy for patients

Biometrics Are Coming to Healthcare: Why Now?

Global healthcare has shifted away from its reliance on paper-based medical records toward use of electronic health records (EHR).

The benefits of using EHRs to quickly retrieve patient data include:

  • Accurate and up-to-date information at the point of service
  • Highly coordinated and efficient care
  • Secure sharing of patient data among physicians
  • Fewer medical errors
  • Safer prescribing practices

But these benefits depend on hospitals, clinicians, and other healthcare facilities to accurately verify patient identities during all medical encounters.

 Some healthcare institutions have addressed this reality by moving away from biographic-based identification (name, date of birth, Social Security Numbers, etc.) and toward a more definitive form of ID: biometrics.

Identifying patients based on biologically unique traits (face, fingerprint, iris, voice) ensures that care is provided to the right people, leading to a safer and more effective global healthcare environment.

Patient Misidentification: A Global Problem

Patient misidentification negatively impacts care quality and patient safety and well-being:

The top reasons for patient misidentification include patient registration errors (64 percent), time constraints when treating patients (60 percent), and duplicate medical records in the system (30 percent).

Top reasons for patient misidentification

The use of Social Security Numbers in the U.S. hardly alleviates the problem. SSNs can be entered incorrectly, they can be stolen and used fraudulently, and their use for patient identification is not standardized under U.S. law; in fact, no national standard exists for patient identification as of 2018.

Using Biometrics for Proper Patient Identification

Some healthcare stakeholders have attempted to improve patient identification with third-party text-based matching algorithms fed by demographic data like first and last names, dates of birth, SSNs and addresses, but to wildly varying degrees of success.

What’s been missing from the equation are irrefutably unique identifiers; namely, biometrics.

Information can be exchanged, stolen, lost, forged, mistyped, and duplicated. A biometric identifier such as a face or a fingerprint, however, is inherent to a single person. This makes it more conducive to:

  • Cleaner master patient indexes
  • Fewer duplicate health records
  • Less risk of treating the wrong patient

Biometrics also work under circumstances in which hospital or emergency clinic patients lack any form of physical identification. In effect, patients are their own ID.

The Process: Biometric Registration

Step one in biometrics-based is patient registration; enrolling a patient identity. During patient registration, biometric data such as fingerprint, face, iris and/or voice is collected.

 Existing data is searched for a pre-existing record to prevent a duplicate enrollment. The quality and suitability for biometric matching is assessed as part of this process.

If no duplicates are found, the data and record are stored in a secure server.

Fingerprints are a powerful biometric modality. They can correctly identify patients among records numbering in the tens and hundreds of thousands, and even millions.

Facial recognition can also be used, serving as a modality that is interpretable by a human and captured using common devices such as webcams and mobile phones. Iris biometrics are also popular for their accuracy and ease-of-use by patients.

Each biometric modality offers various advantages and disadvantages in terms of performance, security, cost, and ease of use.

The Process: Biometric Identification

When a patient enters a medical facility, a biometric search using their biometric data can confidently locate the corresponding identity in the master patient index. This search determines with a high degree of certainty if a record exists for that patient.

If the individual is already registered, medical staff can access existing health data and expedite quality care, which is especially useful when patients are unable to assert their identity. The risk of creating a duplicate health record for a patient that already exists in the system is mitigated, as is the possibility of overlooking critical medical data needed for proper treatment.

Biometric patient identification also flags cases where identity misrepresentation is used in an attempt to receive healthcare without payment. Biometric searches can detect these attempts by detecting when someone is attempting to submit a false identity.

Future Uses: Multifactor Authentication

Passwords are an inconvenient authentication method because they are often difficult to remember, particularly when used infrequently.

This is often the case for patients accessing their health records. Biometric authentication can be used in place of passwords to enable more secure and convenient access to electronic patient records.

For example, biometrics can be used as part of an out-of-band multifactor authentication scheme. For instance, upon an attempt by a patient to log into their healthcare provider’s website, they can receive a message on their mobile phone that prompts a biometric capture.

Only the person who possesses the smartphone and can successfully authenticate biometrically is able to log in. This approach could be used to verify the identity of someone picking up prescriptions at a pharmacy.

Future Uses: Telemedicine

Better patient identification in healthcare facilities demonstrates the most immediate need for biometrics. However, as healthcare evolves, so will the diversity of use cases for biometrics authentication.

Telemedicine, for example, has become a more common method for improving access to care in remote or underserved medical areas. Biometrics authentication can be used for more secure and convenient login to telemedicine portals.

In fact, a Canadian healthcare technology company has already explored using biometric-enabled mobile drug dispensaries. These in-home devices use facial recognition to dispense drugs and record that the prescription was taken as recommended.

A Slow-But-Sure Transformation in Healthcare

A Pew Charitable Trusts survey revealed that most patients would prefer to use biometrics over other unique identifiers, citing benefits such as:

  • Decreased medical errors
  • A more complete picture of their health for clinicians
  • Better security than demographic data as a unique identifier

Clinician respondents similarly said that biometrics represent the most accurate method for identifying individuals. Many already use biometrics for physical access control among their own staff.

The main reservation for biometrics pertains to standardization and whether governing bodies will actively encourage their use.

Nevertheless, the potential of biometrics to identify patients with close to 100 percent accuracy is all but unquestioned. The global market for biometrics in healthcare is expected to expand through 2020 according to Biometrics Research Group.