<?xml version="1.0" encoding="UTF-8"?>
<rss version="2.0"
	xmlns:content="http://purl.org/rss/1.0/modules/content/"
	xmlns:wfw="http://wellformedweb.org/CommentAPI/"
	xmlns:dc="http://purl.org/dc/elements/1.1/"
	xmlns:atom="http://www.w3.org/2005/Atom"
	>

<channel>
	<title>EMR and HIPAA &#187; Medical Privacy</title>
	<atom:link href="http://www.emrandhipaa.com/category/medical-privacy/feed/" rel="self" type="application/rss+xml" />
	<link>http://www.emrandhipaa.com</link>
	<description>An Open Forum for EMR and HIPAA Related Information</description>
	<pubDate>Thu, 20 Nov 2008 01:26:32 +0000</pubDate>
	<generator>http://wordpress.org/?v=2.6.1</generator>
	<language>en</language>
			<item>
		<title>Discharge Summaries by Email from an EMR</title>
		<link>http://www.emrandhipaa.com/administrator/2008/03/21/discharge-summaries-by-email-from-an-emr/</link>
		<comments>http://www.emrandhipaa.com/administrator/2008/03/21/discharge-summaries-by-email-from-an-emr/#comments</comments>
		<pubDate>Fri, 21 Mar 2008 13:31:08 +0000</pubDate>
		<dc:creator>administrator</dc:creator>
		
		<category><![CDATA[EHR]]></category>

		<category><![CDATA[EMR]]></category>

		<category><![CDATA[EMR Security]]></category>

		<category><![CDATA[EMR Technology]]></category>

		<category><![CDATA[HIPAA General]]></category>

		<category><![CDATA[HealthCare IT]]></category>

		<category><![CDATA[Medical Privacy]]></category>

		<category><![CDATA[Patient Portal]]></category>

		<category><![CDATA[email in health care]]></category>

		<category><![CDATA[EMR and EHR]]></category>

		<category><![CDATA[google health]]></category>

		<category><![CDATA[health 2.0]]></category>

		<category><![CDATA[health care IT]]></category>

		<category><![CDATA[HealthVault]]></category>

		<category><![CDATA[open social]]></category>

		<category><![CDATA[secure email]]></category>

		<guid isPermaLink="false">http://www.emrandhipaa.com/administrator/2006/08/01/discharge-summaries-by-email-from-an-emr/</guid>
		<description><![CDATA[Think about how wonderful the ability to send a discharge summary by email to a patient straight from your EMR.  I think it&#8217;s pretty easy to see the tremendous benefits of this type of communication.  Send the patient information to one place they probably visit every day and where they can read and [...]


]]></description>
			<content:encoded><![CDATA[<p>Think about how wonderful the ability to send a discharge summary by email to a patient straight from your EMR.  I think it&#8217;s pretty easy to see the tremendous benefits of this type of communication.  Send the patient information to one place they probably visit every day and where they can read and process the information away from the hustle and bustle of the clinic.  Certainly many doctors have been doing this with little pamphlets or handout sheets with clinical information.  Unfortunately, too many of these sheets never get read.  Certainly that same thing could happen with an email, but at least the next generation of patients are going to want this information in their email box.</p>
<p>Of course, the problem with sending this information in an email is that email is not secure.  Email encryption hasn&#8217;t taken hold fast enough to make it encrypted.  Is a user&#8217;s email box really a secure location where they want their health information?  I personally don&#8217;t have a problem with it, but I would expect that many people wouldn&#8217;t want their health information in their email any more than their regular mailbox.  Either way, without the encryption it wouldn&#8217;t be difficult for someone to sniff out what&#8217;s being sent in an email containing, for example, a patient&#8217;s discharge.  It would be going across the internet in basically plain text.</p>
<p>This situation actually happened in Australia a little while back in an article I read called &#8220;<a href="http://australianit.news.com.au/articles/0,7204,19822430%5E15306%5E%5Enbv%5E,00.html">Unsecured email sparks dispute</a>.&#8221;  I know I wouldn&#8217;t be happy if a clinic just decided to send these unsecured emails.  Not so much because I was personally worried about my information being lost.  I personally have nothing to hide (yet anyway).  However, I would feel uncomfortable patronizing an organization that would deal so flippantly with my information.</p>
<p>I&#8217;m sure that someone will chime in that this is the whole purpose of a Patient Portal or EHR interface that allows people a secure method to receive and send protected health information.  This is all well and good, but from what I&#8217;ve seen this usually requires the doctor&#8217;s EMR company to support this type of interaction.  Plus, even more serious of an issue is that you&#8217;re giving your patients one more login and password that they&#8217;ll need to remember.  Certainly not a deal breaker, but one more inconvenience for our users and the staff that have to support our users when they forget their password.  Unfortunately, I think that this is the future of secured messaging, but I can always hope that there&#8217;s something better that we&#8217;re just missing.</p>
<p>We should also realize that this isn&#8217;t going to get any easier.  In fact, I think we can reasonably say that this is going to get harder and harder.  Don&#8217;t be surprised if soon some patient would like their health information somehow incorporated into some site like Facebook.  It&#8217;s really only a matter of time until some developer creates a health interface into Facebook.</p>
<p>It might not make sense to most people, but the next generation of patients are going to grow up living and breathing their online life in some sort of social network (Facebook is just one example of these).  They are very comfortable with transparency and will be interested in being able to track and compare health information with other people.  Not to mention interact in a social network with other people who have similar conditions.  It seems like this isn&#8217;t a question of if, but when this type of interaction will happen.</p>
<p>Even if you think that health information on a social network like Facebook is far fetched, we are already seeing health information propagating to the web in Microsoft&#8217;s HealthVault and Google Health.  Is this going to be ok?  Will it become as synonymous as online banking has become to the banking world?  It&#8217;s not that far of a stretch to think that Google Health could easily be tied into Google&#8217;s OpenSocial platform which would allow a patient&#8217;s health information to do all sorts of cool things.</p>
<p>The convergence of Health Care and IT is going to be really interesting.  It&#8217;s taken health care a while to get going with IT, but I think almost everyone agrees that IT could do amazing things to better the health care a person receives.</p>


]]></content:encoded>
			<wfw:commentRss>http://www.emrandhipaa.com/administrator/2008/03/21/discharge-summaries-by-email-from-an-emr/feed/</wfw:commentRss>
		</item>
		<item>
		<title>A Misplaced Box of HIPAA Information</title>
		<link>http://www.emrandhipaa.com/emr-and-hipaa/2008/03/10/a-misplaced-box-of-hipaa-information/</link>
		<comments>http://www.emrandhipaa.com/emr-and-hipaa/2008/03/10/a-misplaced-box-of-hipaa-information/#comments</comments>
		<pubDate>Mon, 10 Mar 2008 17:41:45 +0000</pubDate>
		<dc:creator>EMR and HIPAA</dc:creator>
		
		<category><![CDATA[EHR]]></category>

		<category><![CDATA[EMR]]></category>

		<category><![CDATA[HIPAA General]]></category>

		<category><![CDATA[HIPAA News]]></category>

		<category><![CDATA[Hospitals]]></category>

		<category><![CDATA[Medical Privacy]]></category>

		<category><![CDATA[HIPAA Audits]]></category>

		<category><![CDATA[HIPAA disclosures]]></category>

		<category><![CDATA[HIPAA violations]]></category>

		<guid isPermaLink="false">http://www.emrandhipaa.com/emr-and-hipaa/2008/03/10/a-misplaced-box-of-hipaa-information/</guid>
		<description><![CDATA[Today I found a really interesting article in Utah&#8217;s local paper the Deseret Morning News.  In the story, a box of medical charts was lost by UPS after being sent from a hospital to somewhere in Las Vegas for a Medicare audit.  You can read the article for all the facts, but essentially [...]


]]></description>
			<content:encoded><![CDATA[<p>Today I found a really interesting <a href="http://deseretnews.com/article/1,5143,695260327,00.html">article</a> in Utah&#8217;s local paper the Deseret Morning News.  In the story, a box of medical charts was lost by UPS after being sent from a hospital to somewhere in Las Vegas for a Medicare audit.  You can read the article for all the facts, but essentially the box somehow got misdirected and ended up being bought by a Utah school teacher purchasing some &#8220;scrap&#8221; paper.</p>
<p>I was kind of surprised by how long it took the hospital to get in touch with UPS after the box was lost.  Ok, so I&#8217;m not really surprised that the hospital is not watching all of the HIPAA information they sent out to make sure that it arrives safely, but maybe it should.  UPS has some pretty incredible tracking tools these days that really aren&#8217;t that hard to use.</p>
<p>The other interesting thing to consider is how these types of audits/information transfer happens in an electronic world.  I know that we transfer eligibility lists to insurance companies using Secure FTP and that works quite well.  We&#8217;ve worked with a scanning company who is scanning our old paper charts and when we need to access one of those old records, they send us an encrypted file through email.  That works pretty smoothly.</p>
<p>Unfortunately, I think if a patient wants a record right now or if we needed to send some health information out for an audit (not sure why we would need to) then we&#8217;d have to pretty much just print out the electronic record like we do when a patient makes a .  In fact, we&#8217;ve even made a request to our EMR software company to give us a one click method that will allow us to print the entire chart.  It&#8217;s a pain to print out everything in the paper chart from what&#8217;s scanned in, to prescriptions, to lab results, to referrals, etc etc etc.  Any EMR companies have a better way to do this?</p>


]]></content:encoded>
			<wfw:commentRss>http://www.emrandhipaa.com/emr-and-hipaa/2008/03/10/a-misplaced-box-of-hipaa-information/feed/</wfw:commentRss>
		</item>
		<item>
		<title>Google Health Announced - Kind of</title>
		<link>http://www.emrandhipaa.com/emr-and-hipaa/2008/02/28/google-health-announced-kind-of/</link>
		<comments>http://www.emrandhipaa.com/emr-and-hipaa/2008/02/28/google-health-announced-kind-of/#comments</comments>
		<pubDate>Fri, 29 Feb 2008 02:32:35 +0000</pubDate>
		<dc:creator>EMR and HIPAA</dc:creator>
		
		<category><![CDATA[CCR]]></category>

		<category><![CDATA[EHR]]></category>

		<category><![CDATA[EMR]]></category>

		<category><![CDATA[HealthCare IT]]></category>

		<category><![CDATA[Medical Privacy]]></category>

		<category><![CDATA[EMR and EHR]]></category>

		<category><![CDATA[Eric Schmidt]]></category>

		<category><![CDATA[google health]]></category>

		<category><![CDATA[HealthVault]]></category>

		<category><![CDATA[HIMS08]]></category>

		<category><![CDATA[HIMSS]]></category>

		<guid isPermaLink="false">http://www.emrandhipaa.com/emr-and-hipaa/2008/02/28/google-health-announced-kind-of/</guid>
		<description><![CDATA[Well, my prediction that Eric Schmidt would announce Google Health at the HIMSS08 conference was pretty close.  From what I&#8217;ve read so far, that&#8217;s all he really talked about.  I&#8217;m still waiting to see my contact that was able to attend HIMSS to see his thoughts on what was said.  Sounds like [...]


]]></description>
			<content:encoded><![CDATA[<p>Well, my prediction that <a href="http://www.emrandhipaa.com/administrator/2008/02/01/will-eric-schmidt-announce-google-health-at-himss/">Eric Schmidt would announce Google Health</a> at the HIMSS08 conference was pretty close.  From what I&#8217;ve <a href="http://www.usatoday.com/tech/products/2008-02-28-4168460787_x.htm">read</a> so far, that&#8217;s all he really talked about.  I&#8217;m still waiting to see my contact that was able to attend HIMSS to see his thoughts on what was said.  Sounds like he mostly reiterated what we already knew.  A few interesting points:</p>
<p>-Google Health will not contain ads (although I bet that won&#8217;t stop them from using the information to target the ads it shows you other places)<br />
-Eric Schmidt repeatedly said no data would be shared without the consumer&#8217;s consent (unless of course some hacker finds a way around Google&#8217;s security measures)<br />
-1,370 volunteers at the Cleveland Clinic are beta testing the application<br />
-Portability is the key (we heard that this was a form of CCR, but if it requires consent are people going to go to the effort to make it portable?)</p>
<p>Despite certain privacy questions and fears around Google Health I think that Eric Schmidt made a very good point about the way Google will protect your information from legal cases when he said:</p>
<blockquote><p>&#8220;In the Google implementation, your personal health information will not be given to anyone without their explicit permission, which is not true completely for HIPAA-compliant systems.  If we get a subpoena, we always check our judgment as to whether the subpoena is narrow enough. If we think it&#8217;s a fishing expedition, we will fight it in court. That has worked well for us so far.&#8221;</p></blockquote>
<p>The battle of PHRs by Google Health and Microsoft HealthVault has begun.  While I love to see the big players participating in healthcare, I&#8217;m not sure they&#8217;ve figured out the right motivational drivers that will make this a smashing success.  It wouldn&#8217;t surprise me if in a few years we hear stories about a life being saved because of proper information and how even one saved life is worth it.</p>
<p>The biggest disappointment: No announcement about when we can get in and try it out ourselves.</p>
<p>UPDATE: <a href="http://www.techcrunch.com/2008/02/28/more-vaporware-from-google-health-just-launch-it-already/">TechCrunch</a> thinks that whoever cracks the healthcare nut will have a huge new market.  I don&#8217;t see it ever cracking.  <a href="http://googleblog.blogspot.com/2008/02/google-health-first-look.html">Marissa Mayer talks about Google Health</a> on the Official Google Blog.</p>


]]></content:encoded>
			<wfw:commentRss>http://www.emrandhipaa.com/emr-and-hipaa/2008/02/28/google-health-announced-kind-of/feed/</wfw:commentRss>
		</item>
		<item>
		<title>Examples of HIPAA Privacy Violations - More HIPAA Lawsuits Coming?</title>
		<link>http://www.emrandhipaa.com/administrator/2006/06/21/examples-of-hipaa-privacy-violations-more-hipaa-lawsuits-coming/</link>
		<comments>http://www.emrandhipaa.com/administrator/2006/06/21/examples-of-hipaa-privacy-violations-more-hipaa-lawsuits-coming/#comments</comments>
		<pubDate>Wed, 21 Jun 2006 21:04:30 +0000</pubDate>
		<dc:creator>administrator</dc:creator>
		
		<category><![CDATA[EMR]]></category>

		<category><![CDATA[HIPAA General]]></category>

		<category><![CDATA[HIPAA Lawsuits]]></category>

		<category><![CDATA[Medical Privacy]]></category>

		<category><![CDATA[Security Rule]]></category>

		<guid isPermaLink="false">http://www.emrandhipaa.com/?p=179</guid>
		<description><![CDATA[I found a website that listed a number of Privacy Violations.  The page is quite outdated since its latest case was in 2002, but I thought that many of the examples could just as easily apply today.  In fact, with computers it makes many of the cases much easier to accomplish and easier [...]


]]></description>
			<content:encoded><![CDATA[<p>I found a <a href="http://www.hippa.com/examples.html">website</a> that listed a number of Privacy Violations.  The page is quite outdated since its latest case was in 2002, but I thought that many of the examples could just as easily apply today.  In fact, with computers it makes many of the cases much easier to accomplish and easier to track misdoing.  Does that mean we are going to have more HIPAA lawsuits coming?  I think it&#8217;s only just a matter of time.</p>
<p>Does EMR affect this?  Probably not directly, but indirectly many of these cases could be related to your use of an EMR system.</p>
<p>Here&#8217;s 2 examples that I found quite interesting from the <a href="http://www.hippa.com/examples.html">HIPAA privacy violations article</a>:</p>
<blockquote><p># A psychiatrist from New Hampshire was fined $1,000 for repeatedly looking at the medical records of an acquaintance without permission. Because there was no state law making it a crime to breach the confidentiality of medical records, the case was brought under a law against misusing a computer. (&#8220;Psychiatrist Convicted of Snooping in Records,&#8221; The Associated Press State &#038; Local Wire, May 5, 1999)</p>
<p># A jury in Waukesha, Wisconsin, found that an emergency medical technician (EMT) invaded the privacy of an overdose patient when she told the patient&#8217;s co-worker about the overdose. The co-worker then told nurses at West Allis Memorial Hospital, where both she and the patient were nurses. The EMT claimed that she called the patient&#8217;s co-worker out of concern for the patient. The jury, however, found that regardless of her intentions, the EMT had no right to disclose confidential and sensitive medical information, and directed the EMT and her employer to pay $3,000 for the invasion of privacy. (L. Sink, &#8220;Jurors Decide Patient Privacy Was Invaded,&#8221; Milwaukee Journal Sentinel, May 9, 2002) </p></blockquote>
<p>My biggest comfort with HIPAA is that it doesn&#8217;t seem like they are really out headhunting.  If you are an honest person who makes a bad choice then HIPAA is kinder to you than those that blatantly misuse the information.  However, in our sue happy world that might be changing.</p>


]]></content:encoded>
			<wfw:commentRss>http://www.emrandhipaa.com/administrator/2006/06/21/examples-of-hipaa-privacy-violations-more-hipaa-lawsuits-coming/feed/</wfw:commentRss>
		</item>
		<item>
		<title>Biometric Facial Recognition for Continuous Computer Access Control and Authentication</title>
		<link>http://www.emrandhipaa.com/administrator/2006/04/03/biometric-facial-recognition-for-continuous-computer-access-control-and-authentication/</link>
		<comments>http://www.emrandhipaa.com/administrator/2006/04/03/biometric-facial-recognition-for-continuous-computer-access-control-and-authentication/#comments</comments>
		<pubDate>Mon, 03 Apr 2006 18:31:17 +0000</pubDate>
		<dc:creator>administrator</dc:creator>
		
		<category><![CDATA[Biometrics]]></category>

		<category><![CDATA[College Health]]></category>

		<category><![CDATA[EMR]]></category>

		<category><![CDATA[EMR Security]]></category>

		<category><![CDATA[EMR Technology]]></category>

		<category><![CDATA[HIPAA General]]></category>

		<category><![CDATA[HealthCare IT]]></category>

		<category><![CDATA[Medical Privacy]]></category>

		<category><![CDATA[Security Rule]]></category>

		<guid isPermaLink="false">http://www.emrandhipaa.com/?p=138</guid>
		<description><![CDATA[I briefly mentioned Face Authentication in a previous post.  As a result of that post the vendor from Sensible Vision contacted me and got me a demo model right away.  I must admit that their service was impeccable.  All the way up the scale I&#8217;ve been impressed with the company and all [...]


]]></description>
			<content:encoded><![CDATA[<p>I briefly mentioned <a href="http://www.emrandhipaa.com/administrator/2006/03/27/face-authentication-us-healthcare-system-mirth-project-finished/">Face Authentication</a> in a previous <a href="http://www.emrandhipaa.com/administrator/2006/03/27/face-authentication-us-healthcare-system-mirth-project-finished/">post</a>.  As a result of that post the vendor from <a href="http://www.sensiblevision.com/">Sensible Vision</a> contacted me and got me a demo model right away.  I must admit that their service was impeccable.  All the way up the scale I&#8217;ve been impressed with the company and all I did was a demo.</p>
<p>Today they issued pricing on their <a href="http://www.sensiblevision.com/products/fastaccess.htm">FastAccess</a> product that is very reasonable compared to other biometric devices.  I&#8217;ve attached the release below and here&#8217;s a short review of the product with certainly more details to come as I continue to use it.</p>
<p><strong>Setup</strong><br />
Setting up the FastAccess was a piece of cake.  I got the box with only 15 minutes before I had to be somewhere.  I unboxed the product, read the instructions (yes I always feel I must read the instructions on new products) and installed it on my computer.  In 15 minutes I had it recognize my face and automatically log me in.  The other nice part is that the setup was really nothing but plug the camera in and run the CD install file.  On restart it starts learning who you are when you log in.  Couldn&#8217;t have been simpler.  I repeated this process on my laptop so I could show my wife and had it set up in 5 minutes (booting my computer took longer than setup).</p>
<p><strong>Facial Recognition/Training</strong><br />
Training facial recognition is much different than other biometrics.  Fingerprint biometrics requires you to &#8220;train&#8221; it to know your fingerprint.  Facial recognition (at least with FastAccess) is continually updating every time you log in.  In fact, it stores 90-100 different biometric &#8220;faces&#8221; that identify you.  The biggest fault with this model is that initially the recognition is poorer than fingerprint recognition.  However, with time I&#8217;ve seen that it actually is more reliable and recognizes you quicker than fingerprint.  Not to mention it recognizes you just coming into view.  No need to reach and hold your finger or eye to something.  The lazy part of me loves that.</p>
<p><strong>Active Directory Integration</strong><br />
FastAccess has very nice integration with active directory.  The best part is that they have two methods of implementing active directory integration.  First, they can extend the active directory schema.  While this is a common practice, it is difficult to convince my system administrator to do since it can&#8217;t be rolled back if we decide we don&#8217;t want to do it anymore.  Second, FastAccess can be implemented using existing active directory fields.  This means that you can test the active directory implementation without extending the schema.  I plan on doing this in the near future and you can expect a review of it soon.</p>
<p><strong>Strong Audit Controls</strong><br />
Looking over the audit logs, they are pretty standard for what you would need to satisfy HIPAA.  Having Active Directory manage this type of audit control would be key to me.</p>
<p><strong>Continuous Security</strong><br />
The biggest advantage to facial recognition is that it is continuously verifying your access.  My biggest problem with fingerprint biometrics had to do with not having a way to easily lock the workstation.  Facial recognition biometrics is constantly monitoring to see you are the authorized person.  If you leave then it locks the computer.  This really changes the way you deal with authentication since it can create a true single sign on.</p>
<p><strong>Security Screen Capture</strong><br />
This idea is ingenious.  Since you have a camera you might as well capture a picture of the person that was signed on to a machine.  Imagine them saying they didn&#8217;t log in and you can show them the picture taken when they did log in.  Fantastic!!  There is also talk of using this technology as a digital signature.  I&#8217;d love that with my EMR.</p>
<p><strong>Pictures and Twins</strong><br />
I tried to see what I could do to fool the camera and nothing really worked.  I imagine this is theoretically possible, but it would have to be a picture in the exact same place as the biometric match.  FastAccess tells me that they add in environmental variables (such as light) which makes it much more difficult to fool.  So far so good.  The idea of twins is addressed in the documentation.  I&#8217;ll be testing it on my wife and her twin sister to see how that goes.  Sometimes it freaks me out how much they look alike.</p>
<p><strong>Accuracy</strong><br />
In an EMR or healthcare environment FastAccess has designed it properly.  Sometimes it didn&#8217;t recognize me and so it required me to enter my password and then after logging in, it stores another biometric image.  While this could be annoying to some doctors, I see this as an essential key to proper authentication.</p>
<p><strong>Instant Desktop Switching</strong><br />
This seems like it is a somewhat new module being developed by Sensible Vision.  The idea is that multiple people can log in to the same account and have a different desktop.  This currently works especially well with Internet Explorer and a few other selected applications.  I imagine this list will grow over time.  They offered to make it work for my favorite apps.  One interesting note is that they have it working for Cerner&#8217;s EMR.  I&#8217;ll be having them develop it for Medicat EMR (my EMR).</p>
<p><strong>Random Points</strong><br />
Since FastAccess is constantly checking for facial recognition, when you answer the phone that changes what your face looks like.  This isn&#8217;t really a problem since they store 90-100 different biometric &#8220;prints&#8221;.  You just have to &#8220;train&#8221; it to know what you look like with a phone in hand.</p>
<p>One nice feature is that you can turn off continuous facial recognition when you have a presentation.  It lets you disable the recognition for a specified period of time.  It also recognizes any keyboard or mouse input and disables locking when it sees either.</p>
<p>Here&#8217;s the <a href="http://www.sensiblevision.com/company/releases/4-3-06.htm">Press Release</a>:<br />
<strong>Sensible Vision Innovates Biometric Facial Recognition for Continuous Computer Access Control and Authentication</strong></p>
<p>FastAccess Virtually Eliminates Passwords, Makes Computer Easier to Use and Ensures Privacy Compliance and Identity Management</p>
<p><strong>Introductory Pricing of $99 per Desktop License</strong></p>
<p>Covert, Michigan, April 3, 2006 – Sensible Vision, an innovator of continuous authentication solutions, today revolutionized computer access control and authentication by replacing a user’s password with their face. Sensible Vision’s FastAccess™ is a powerful yet simple solution that uses patent-pending biometric facial recognition to automatically and continuously authenticate user log-in and instantly secure the computer when the user leaves. This virtually eliminates login passwords, makes the computer significantly more secure and easier to use, and strengthens access control auditing for privacy and identity management policies.</p>
<p>“Because a person’s face is unique and always with them, it is ultimately the ideal password and the best way of continuously ensuring who is accessing the computer,” said George Brostoff, CEO of Sensible Vision. “This is a new paradigm for secure and simplified computer access that goes well beyond initial log-in and inactivity timers. FastAccess identifies and authenticates users in less time than it takes to enter a password and knows the second they leave their computers. These breakthroughs make it a simple, secure and low-cost approach for securing the computer and network.”<br />
<span id="more-138"></span></p>
<p><strong>Automatic Authentication and Continuous Access Control</strong></p>
<p>    Sensible Vision has innovated biometric facial recognition to provide a convenient and fast way to securely submit a user’s account credentials to Windows and applications. Users simply approach the computer equipped with a standard web camera, and FastAccess biometrically authenticates them and logs them on. Once they step away, the computer automatically secures. When they return, FastAccess automatically unlocks the computer and their desktop is returned as they left it. Advantages include:</p>
<p>        * No More Passwords, Better User Productivity: Users focus on their jobs rather than time-consuming and frustrating processes of constantly entering passwords 20, 50 or 70 times a day.<br />
        * No More Unsecured, Unattended Computers: Computers instantly secure when users leave.<br />
        * Improved Access Control and Auditing: Provides an accurate audit of computer access for privacy and compliance – a true audit log of who’s been at the computer and when.<br />
        * Simple Setup and Administration: Unlike other security and biometric solutions, no special enrollment procedures or administration is required to distribute and manage ongoing support for lost or damaged tokens. Administrators can configure FastAccess locally or remotely through Microsoft&#8217;s Active Directory or Novell eDirectory.<br />
        * Support for Shared Computers: FastAccess features Instant Desktop Switching for multiple users who need quick access to shared workstations, such as in healthcare and manufacturing environments. Access is granted to each user almost instantly, without the usual delay logging into the network account.</p>
<p><strong>Optimizing Productivity and Security</strong></p>
<p>    “It’s imperative for security solutions to complement user workflows and mitigate interruptions while simultaneously meeting the most stringent tests for identity, privacy and regulatory compliance,” said Rob Alger, director of IT strategy at Kaiser Permanente and Sensible Vision Technical Advisory Board member. “By guarding computer access from log-in until users walk away, Sensible Vision is addressing a critical hurdle in persistent data protection and access control that optimizes user workflow and productivity.”</p>
<p>    FastAccess has innovated facial recognition with its patent pending Continuous Adaptive Sensing™ (CAS) technology to provide fast and accurate recognition to a computer. CAS takes a dramatically different approach to facial recognition than traditional solutions targeted at homeland security. FastAccess sets a much higher standard for accuracy. While most existing facial recognition technologies have false acceptance rates of several in 100 matches, CAS typically achieves a false acceptance rate of several in 1,000,000 matches. FastAccess accuracy is superior to existing security solutions where passwords are written down, shared or easily guessed.</p>
<p>    “Minimizing disruptive computer login procedures continues to be a pain point for organizations,” said Cyrus Azar, CTO of Sensible Vision. “Passwords are difficult to enforce and ineffective in practice. Tokens can be shared or lost while previous biometrics have proven expensive, inconvenient to use or unreliable. Most importantly, none of these approaches offers continuous security: they simply authenticate the user at initial login. Not only does FastAccess simplify user access, but, finally IT staff can spend less time on administering security processes and focus on other critical business tasks.”</p>
<p><strong>Introductory Pricing &#038; System Requirements</strong></p>
<p>    FastAccess is comprised of client software installed on the PC, a standard web camera, and a management application installed on a domain controller. The client software can be part of an organization’s standard image and can be automatically distributed to remote PCs via existing software management tools.</p>
<p>    Sensible Vision announced today special introductory pricing for FastAccess of $99 per desktop license through June 30, 2006. FastAccess may also be purchased under a service-based model with a two-year subscription price of $49/year for each license. Web cameras are also available for $25.00.</p>
<p><strong>About Sensible Vision</strong></p>
<p>    Headquartered in Covert, Michigan, Sensible Vision Inc. (www.sensiblevision.com) is an emerging provider of continuous access control solutions for securing computers using facial recognition. Sensible Vision’s flagship product, FastAccess™, is an insider firewall that provides quick and continuous authentication and access control for computers and workstations. Using patent-pending biometric facial recognition, it speeds and simplifies access to the computer in a way that is economical and easy to deploy.</p>


]]></content:encoded>
			<wfw:commentRss>http://www.emrandhipaa.com/administrator/2006/04/03/biometric-facial-recognition-for-continuous-computer-access-control-and-authentication/feed/</wfw:commentRss>
		</item>
		<item>
		<title>Biometrics - Security, Password Change Policy</title>
		<link>http://www.emrandhipaa.com/administrator/2006/03/29/biometrics-security-password-change-policy/</link>
		<comments>http://www.emrandhipaa.com/administrator/2006/03/29/biometrics-security-password-change-policy/#comments</comments>
		<pubDate>Thu, 30 Mar 2006 05:21:00 +0000</pubDate>
		<dc:creator>administrator</dc:creator>
		
		<category><![CDATA[Biometrics]]></category>

		<category><![CDATA[College Health]]></category>

		<category><![CDATA[EMR]]></category>

		<category><![CDATA[EMR Security]]></category>

		<category><![CDATA[EMR Technology]]></category>

		<category><![CDATA[HIPAA General]]></category>

		<category><![CDATA[Medical Privacy]]></category>

		<category><![CDATA[Security Rule]]></category>

		<guid isPermaLink="false">http://www.emrandhipaa.com/?p=108</guid>
		<description><![CDATA[Security
Biometrics Security is pretty impressive.  We&#8217;ve joked a few times about what happens if you lose your finger (the situation at Wendy&#8217;s comes to mind).  Let&#8217;s just say that the chances are good that this won&#8217;t be a problem.  More importantly the biometrics people have really given you quite a few options [...]


]]></description>
			<content:encoded><![CDATA[<p><strong>Security</strong><br />
Biometrics Security is pretty impressive.  We&#8217;ve joked a few times about what happens if you lose your finger (the situation at Wendy&#8217;s comes to mind).  Let&#8217;s just say that the chances are good that this won&#8217;t be a problem.  More importantly the biometrics people have really given you quite a few options on keeping it secure.  One example is that with the biometrics you can also store a pin number that people can use.  If I wasn&#8217;t so lazy in this moment I would pull out the part of HIPAA that says something about dual authentication methods.  Your finger and a pin number sounds like dual to me.  When you add in my previous article about <a href="http://www.emrandhipaa.com/administrator/2006/03/08/biometrics-accuracy/">False Acceptance Rate and False Reject Rate</a>, then biometrics is a great option for securing EMR.</p>
<p>One other really nice feature with biometrics security is that you can choose to restrict people from using a password to get into certain programs.  While this could be scary if something happens to the biometrics device it is an interesting concept.  Since it is all managed by group policy in Active Directory I could train my end users on just using their fingerprints and never having them know their password (see below for password change policy).  I would of course want to be able to use a password or biometrics, but there might be a few cases where you could literally restrict access to EMR to a fingerprint.  Now that&#8217;s security!</p>
<p><strong>Password Change Policy</strong><br />
One other impressive feature that I had never considered is how does biometrics handle the wonderful password change policies required by HIPAA?  It&#8217;s not like your fingerprint can be changed.  The units I&#8217;m testing can take care of this for you as part of the templates you create for each application.  In fact, if you don&#8217;t want to have users know the password at all you can even have the biometrics software generate a password.  I think this might be a little scary since then if the biometric device breaks or there is some other problem then you have no way of getting into your EMR program (or other application as desired).</p>


]]></content:encoded>
			<wfw:commentRss>http://www.emrandhipaa.com/administrator/2006/03/29/biometrics-security-password-change-policy/feed/</wfw:commentRss>
		</item>
		<item>
		<title>Face Authentication, US Healthcare System, Mirth Project</title>
		<link>http://www.emrandhipaa.com/administrator/2006/03/27/face-authentication-us-healthcare-system-mirth-project-finished/</link>
		<comments>http://www.emrandhipaa.com/administrator/2006/03/27/face-authentication-us-healthcare-system-mirth-project-finished/#comments</comments>
		<pubDate>Mon, 27 Mar 2006 16:27:30 +0000</pubDate>
		<dc:creator>administrator</dc:creator>
		
		<category><![CDATA[EMR]]></category>

		<category><![CDATA[EMR Security]]></category>

		<category><![CDATA[EMR Technology]]></category>

		<category><![CDATA[HIPAA General]]></category>

		<category><![CDATA[HL7]]></category>

		<category><![CDATA[Interfaces]]></category>

		<category><![CDATA[Medical Privacy]]></category>

		<category><![CDATA[Security Rule]]></category>

		<guid isPermaLink="false">http://www.emrandhipaa.com/?p=125</guid>
		<description><![CDATA[I&#8217;ve been doing more reading on EMR and the like since I finished a business plan I was writing.  Here are a few articles/blog posts that I found interesting:
Face Authentication Software
The Healthcare IT Guy posted an interesting review of some auto-recognition and auto-login system for healthcare workstations called FastAccess by Sensible Vision.  A standard web [...]


]]></description>
			<content:encoded><![CDATA[<p>I&#8217;ve been doing more reading on EMR and the like since I finished a business plan I was writing.  Here are a few articles/blog posts that I found interesting:</p>
<p><a href="http://www.healthcareguy.com/index.php/archives/232"><strong>Face Authentication Software</strong></a><br />
The Healthcare IT Guy posted an interesting review of some auto-recognition and auto-login system for healthcare workstations called <a href="http://www.sensiblevision.com/products/fastaccess.htm">FastAccess</a> by <a href="http://www.sensiblevision.com/">Sensible Vision</a>.  A standard web cam, easily installed software that can recognize my face to log me in.   I need to get me a demo so I can try it out.</p>
<p><a href="http://www.rutlandherald.com/apps/pbcs.dll/article?AID=/20060305/NEWS/603050302/1030"><strong>US Healthcare System</strong></a><br />
This is a nice article saying that although the media describes the US Healthcare system as broken down, many &#8220;better&#8221; healthcare systems aren&#8217;t immune to problems.</p>
<p><a href="http://www.linuxmednews.com/1142701707"><strong>Mirth Project</strong></a><br />
I really like the idea of an open source project that supports HL7 messaging.  I just can&#8217;t get my head around what exactly this means and how they are making the wretched HL7 messaging any easier.</p>


]]></content:encoded>
			<wfw:commentRss>http://www.emrandhipaa.com/administrator/2006/03/27/face-authentication-us-healthcare-system-mirth-project-finished/feed/</wfw:commentRss>
		</item>
		<item>
		<title>Biometrics - Multiple Users</title>
		<link>http://www.emrandhipaa.com/administrator/2006/03/14/biometrics-multiple-users/</link>
		<comments>http://www.emrandhipaa.com/administrator/2006/03/14/biometrics-multiple-users/#comments</comments>
		<pubDate>Wed, 15 Mar 2006 00:01:40 +0000</pubDate>
		<dc:creator>administrator</dc:creator>
		
		<category><![CDATA[College Health]]></category>

		<category><![CDATA[EMR]]></category>

		<category><![CDATA[EMR Implementation]]></category>

		<category><![CDATA[EMR Technology]]></category>

		<category><![CDATA[HIPAA General]]></category>

		<category><![CDATA[Medical Privacy]]></category>

		<category><![CDATA[Security Rule]]></category>

		<guid isPermaLink="false">http://www.emrandhipaa.com/?p=107</guid>
		<description><![CDATA[Multiple Users
In my continuing Biometrics experience I found some interesting problems when multiple people use the same computer.  This isn&#8217;t a problem when you have a tablet or convertible that is dedicated to a specific doctor or nurse.  Once you place a computer in an exam room and want multiple doctors and nurses [...]


]]></description>
			<content:encoded><![CDATA[<p><strong>Multiple Users</strong><br />
In my continuing Biometrics experience I found some interesting problems when multiple people use the same computer.  This isn&#8217;t a problem when you have a tablet or convertible that is dedicated to a specific doctor or nurse.  Once you place a computer in an exam room and want multiple doctors and nurses to use EMR on the same computer you have a major problem.</p>
<p>The worst solution is to make each doctor or nurse log in and out of Windows.  Otherwise, the biometrics software can only allow the person who logged into Windows to log into the EMR.  We all know how long it takes for Windows to log in and out and so that&#8217;s not an option.  By the time you are logged in and out of Windows you will have no need for the computer, because your visit with the patient will be done.  This is ideal for those counseling centers using EMR.  It&#8217;s not unreasonable for them to log in and out because they don&#8217;t share computers as much and often are going to spend a long period of time charting their clients.</p>
<p>What&#8217;s the solution?  The key is that you want the computer locked so you have good security, but you don&#8217;t want to have to log the Windows user in and out of the system.  My friends (at least they better be friends since I&#8217;m writing such nice things about them) at <a href="http://www.digitalpersona.com/index.php">Digital Persona</a> have a solution they&#8217;ve created for just this problem.  It&#8217;s been termed to me as their &#8220;kiosk&#8221; software.</p>
<p>This kiosk software was described to me as being able to have a generic Windows login to a &#8220;kiosk&#8221; computer.  This &#8220;kiosk&#8221; computer in our example would be a computer in an exam room.  Many of you HIPAA experts out there may be ready to scream VIOLATION at the thought of a generic login shared by multiple users.  Have no fear!  This isn&#8217;t the EMR and HIPAA blog for nothing.  A generic Windows login really isn&#8217;t a problem in this case because it is all integrated with Active Directory.  You set a group policy that allows a group of users access to that generic login.  Only those users will be able to use the generic login and unlock the computer.  Furthermore, every time the generic login is used it is all nicely logged by the biometrics software for future security needs.  Isn&#8217;t that great?</p>
<p>One caveat is that Digital Persona&#8217;s &#8220;kiosk&#8221; software must be tied to their Active Directory server software which I&#8217;ve <a href="http://www.emrandhipaa.com/administrator/2006/02/04/a-couple-thoughts-on-biometrics-and-emr/">mentioned</a> before.</p>
<p>The best summary is one computer used by multiple users using biometrics to securely log into EMR.</p>


]]></content:encoded>
			<wfw:commentRss>http://www.emrandhipaa.com/administrator/2006/03/14/biometrics-multiple-users/feed/</wfw:commentRss>
		</item>
		<item>
		<title>Biometrics Accuracy</title>
		<link>http://www.emrandhipaa.com/administrator/2006/03/08/biometrics-accuracy/</link>
		<comments>http://www.emrandhipaa.com/administrator/2006/03/08/biometrics-accuracy/#comments</comments>
		<pubDate>Wed, 08 Mar 2006 18:26:50 +0000</pubDate>
		<dc:creator>administrator</dc:creator>
		
		<category><![CDATA[College Health]]></category>

		<category><![CDATA[EMR]]></category>

		<category><![CDATA[EMR Implementation]]></category>

		<category><![CDATA[EMR Security]]></category>

		<category><![CDATA[EMR Technology]]></category>

		<category><![CDATA[HIPAA General]]></category>

		<category><![CDATA[Medical Privacy]]></category>

		<category><![CDATA[Security Rule]]></category>

		<guid isPermaLink="false">http://www.emrandhipaa.com/?p=106</guid>
		<description><![CDATA[If you&#8217;ve been reading my blog for some time you know that I&#8217;m currently testing some great biometrics products from DigitalPersona.  I&#8217;ve been pretty impressed with what they have to offer and their support.  In fact, I&#8217;ve been taking it around to everyone showing them how cool it is.  It still amazes [...]


]]></description>
			<content:encoded><![CDATA[<p>If you&#8217;ve been reading my blog for some time you know that I&#8217;m currently testing some great biometrics products from <a href="http://www.digitalpersona.com/index.php">DigitalPersona</a>.  I&#8217;ve been pretty impressed with what they have to offer and their support.  In fact, I&#8217;ve been taking it around to everyone showing them how cool it is.  It still amazes me each time it recognizes my fingerprint and no one elses.</p>
<p>Now that I&#8217;m past that emotional connection I&#8217;ve started at looking at biometrics accuracy and security.  This is a huge issue, because I don&#8217;t want anyone not getting in that shouldn&#8217;t be in.  Possibly more important (unless you&#8217;re the HIPAA police reading) is you being the correct person and the reader not recognizing who you are.  As usual these two items are at odds.  You can&#8217;t keep everyone out and still ensure that it will ALWAYS recognize your fingerprint.  You&#8217;ll always have a tradeoff.</p>
<p>In my conversations with <a href="http://www.digitalpersona.com/index.php">DigitalPersona</a> I was introduced to 2 terms <a href="http://www.webopedia.com/TERM/F/false_acceptance.html">FAR - False Accept Rate</a> and <a href="http://www.webopedia.com/TERM/F/false_rejection.html">FRR - False Reject Rate</a>.  I&#8217;m told this is a common term used by all biometrics companies.  Essentially this tells you how many times you can expect to get an unauthorized user accessing a machine or the number of times an authorized user can&#8217;t access a machine.  As you tighten the FAR for security, the FRR will increase, and vice versa.</p>
<p>The coolest part of this all is that you get to actually choose what FRR and FAR you want (at least with the biometrics I&#8217;m testing).  From my limited knowledge biometrics is matching the points and curves on your fingerprint and then exporting it to a binary file.  Then, in the future it creates another binary file and matches those points.  If you increase the number of points it has to match then the False Reject Rate goes up, but the False Accept Rate goes down.</p>
<p>What does this mean for an EMR wanting to use biometrics?  You are going to have to decide what FRR and FAR you are ok with.  In the end if you have documented a well thought out reason then HIPAA security issues won&#8217;t be a problem.  However, if you just say I always want to let my users get in regardless of the security implementation then you might have a HIPAA problem.  My suggestion would be to follow the biometrics vendor&#8217;s suggestion and use their skill as the basis for your security.  Never go under what the vendor suggests for security.  That should raise a huge red flag.  Otherwise, biometrics is a great technology with great security benefits and fewer password support requests.</p>


]]></content:encoded>
			<wfw:commentRss>http://www.emrandhipaa.com/administrator/2006/03/08/biometrics-accuracy/feed/</wfw:commentRss>
		</item>
		<item>
		<title>HIPAA Enforcement Security Rule Final Publish</title>
		<link>http://www.emrandhipaa.com/administrator/2006/03/06/hipaa-enforcement-security-rule-final-publish/</link>
		<comments>http://www.emrandhipaa.com/administrator/2006/03/06/hipaa-enforcement-security-rule-final-publish/#comments</comments>
		<pubDate>Mon, 06 Mar 2006 22:55:22 +0000</pubDate>
		<dc:creator>administrator</dc:creator>
		
		<category><![CDATA[EMR]]></category>

		<category><![CDATA[HIPAA General]]></category>

		<category><![CDATA[HIPAA Lawsuits]]></category>

		<category><![CDATA[HIPAA News]]></category>

		<category><![CDATA[Medical Privacy]]></category>

		<category><![CDATA[Security Rule]]></category>

		<guid isPermaLink="false">http://www.emrandhipaa.com/?p=92</guid>
		<description><![CDATA[The HIPAA enforcement rule is published.
Rick Brady mentioned that &#8220;HIPAA has no teeth.&#8221;  I agree in principle.  Martin Jensen mentioned that he used to agree with it not having teeth until he had a conversation with one of the regulators.
I think there are really a few important points.  The penalties really are [...]


]]></description>
			<content:encoded><![CDATA[<p>The <a href="http://blogs.bsti.com/healthcare/?p=194">HIPAA enforcement rule</a> is published.</p>
<p>Rick Brady <a href="http://blogs.bsti.com/healthcare/?p=194">mentioned</a> that &#8220;HIPAA has no teeth.&#8221;  I agree in principle.  Martin Jensen <a href="http://blog.hittransition.com/2006/02/hipaa_enforceme.html">mentioned</a> that he used to agree with it not having teeth until he had a conversation with one of the regulators.</p>
<p>I think there are really a few important points.  The penalties really are rather small and inconsequential compared to the costs of compliancy.  Every good business has to weigh those two factors.  However, the more difficult concept to calculate is the shame of a HIPAA violation.  I can tell you now that this is something in which people are very interested.  The most frequent Google search I get is for HIPAA Lawsuits.  People are scared of this possibility and want to know who is going to take the fall at HIPAA&#8217;s hands.  I really feel like I&#8217;m stuck between a rock and a hard place.  HIPAA compliancy and budgeting.</p>
<p>My only relief is in the following excerpt:</p>
<blockquote><p>[A] civil money penalty may not be imposed ‘‘if it is established to the satisfaction of the Secretary that the person liable for the penalty did not know, and by exercising reasonable diligence would not have known, that such person violated the provision’’,&#8230;if the failure to comply was due ‘‘to reasonable cause and not to willful neglect’’ and is corrected within a certain time, [and] a civil money penalty may be reduced or entirely waived ‘‘to the extent that the payment of such penalty would be excessive relative to the compliance failure involved.’’</p></blockquote>


]]></content:encoded>
			<wfw:commentRss>http://www.emrandhipaa.com/administrator/2006/03/06/hipaa-enforcement-security-rule-final-publish/feed/</wfw:commentRss>
		</item>
	</channel>
</rss>

