Proving who you say you are

Today, people spend so much time with their computers and favourite websites that we readily assume that passwords are the natural, or only, way to protect computers and applications. We all have passwords – in fact, some estimates suggest that each person has over a dozen of them.

In the healthcare industry, passwords can actually be a problem. Fundamentally, passwords are insecure. There’s a variety of reasons for this. Firstly, anyone who can guess (or see) your password can log in as you and gain access to materials that only you are supposed to have access to. In healthcare, this is an obvious problem, especially in terms of privacy. Secondly, for passwords to be secure, they need to be at least seven or eight characters long, preferably longer, and incorporate a variety of characters, which makes them hard to remember. When passwords are hard to remember, the help desk receives a lot of calls, driving up costs. And in the healthcare environment, especially in a hospital, there is no good time to forget a password.

Ideal for healthcare settings
For these reasons, many hospitals and other medical institutions are turning to biometric applications instead of passwords. Biometrics have a number of qualities that make them ideal for medical environments. In essence, the system relies on the comparison of freshly captured biometric identifiers with those stored by the hospital. The accuracy, efficiency and non-intrusiveness of the system are essential criteria for its success – especially the protection of patient privacy and the confidentiality of medical records.

The first advantage is simple: you cannot forget your own biometric data. Wherever you go, you have your biometrics with you, and this simple fact actually reduces costs, since there are no calls to the help desk to help you remember your biometric data. Help desk costs for password resets are actually much higher than many people realise, with estimates ranging from $30 to $70 per year per person.

Fail-proof
Secondly, biometrics are, for all practical purposes, impossible to copy (despite what you may see in Mission Impossible). This means that when someone logs in using a biometric application, they really are the person they claim to be (and not an unauthorised user logging in with a stolen password). This means greater privacy protection for patients and improved security for the healthcare professional.

Thirdly, biometrics are fast. In emergency situations, there is a clear benefit in healthcare providers being able to use their fingerprints or other biometric identifiers to gain access to systems rapidly, rather than having to type (and perhaps retype) a long password. The ability to switch quickly from one user to another is also a very important requirement in hospitals.

Lastly, unlike other ‘secure tokens’ such as smart cards or one-time password generators, biometrics cannot be lost. They are always with you, wherever you go. They cannot be forgotten, they cannot be misplaced.

Case Study

An example of these concepts can be seen in Luxembourg’s Centre Hospitalier du Nord (CHdN), which decided to move to biometrics to improve security. When the different health institutions of North Luxembourg were being merged and the hospital’s network expanded, Centre Hospitalier du Nord needed to improve its access security. Various challenges were identified. Firstly, the solution had to allow a high level of security, linked to the physical identity of the user. Secondly, new legal obligations regarding privacy of patient records required strict access control, especially governing multiple-user access to the same workstations. Thirdly, access levels had to be defined in order to provide doctors, nursing and administrative personnel with different access rights. Finally, the solution had to guarantee high availability.

Password-based access was problematic and fundamentally insecure for some of the reasons cited already. Restrictive regulations to make passwords more secure also make passwords difficult to remember, which leads to an increase in helpdesk activity and the danger of passwords being written down.

Moreover, password-based access did not guarantee the physical identity of the user. So it was that CHdN turned to biometric identification based upon fingerprint recognition technologies. As almost everyone knows, fingerprints are unique – and because of this, they provide a high degree of security and confidentiality. Unlike the situation with passwords, when authentication is done by a fingerprint, there is nearly a 100 per cent guarantee that the person being authenticated is the duly authorised person and not an imposter. 

Getting Started
The biometrics deployment started with every user registering two fingerprints on the ID Center system in all units of the hospital. In the first phase, 300 ID Mouse units were purchased and a stand-alone solution was installed.

This solution had its limitations, because only a restricted set of users had access to one machine. And in order to guarantee reliable system access, server-based authentication had to be installed. So CHdN opted for a server-based solution that stores encrypted biometric profiles in a centralised high-security database, matching them with fingerprints scanned by the ID Mouse. When recognised and authorised, the user is granted appropriate access rights: both network access and access to applications via a Citrix-based system.

Because a hospital demands very high-availability network access, this solution is hosted on clustered servers. Additionally, biometric identification is applied to applications that require an electronic signature (for example, the issue of prescriptions). When logging in at another unit, users have immediate access to both their applications and the files they were working on previously.

“Privacy of biometric data was a major concern for our users but the features of our ID Center solution prevent any abuse,” says Stephanie Heuschling, IT manager at CHdN. But because biometric profiles never contain images or insecure personal data, only encoded information, CHdN swiftly gained staff acceptance, having first communicated extensively about the new system before deployment.

“We faced very little resistance, especially as the request originated from the medical personnel,” adds Daniel Schartz, IT security manager responsible at CHdN. “The deployment was smooth and well accepted thanks to the significant ease-of-use benefits. In over five years since then we have had very few calls concerning login problems,” concluded Stephanie Heuschling.

Benefits

Benefits can be summed up in three words: efficiency, cost and security. Biometric identification makes password administration easier and less costly, while the hierarchy of access rights according to user profiles provides patients with a guarantee of confidentiality. “The solution has transformed security – and mobility between different units throughout the hospital is really simple,” comments Daniel Schartz.

These benefits were critical in securing approval for the system from the Luxembourg Commission for Data Protection.

Active users have now increased threefold. In fact, the system has also expanded beyond the walls of the hospital – to bring on board over 30 contract physicians who work at CHdN but have their own offices off-site. Now that fingerprint technology has been agreed as CHdN’s sole authentication solution, all other programmes will be adapted to use biometric authentication.