The health system has the technology up and running at two facilities for 2,500 users. It plans to eventually roll out the technology for 25,000 users at its 18 acute care hospitals, Gutsche says. He declined to provide information on the costs of the implementation.
The technologies, fully implemented last March, have already significantly improved clinical workflow. A study done by Sisters of Mercy found that before the technologies were implemented, it took clinicians an average of five minutes to sign on to the desktop, launch three applications, locate a patient within those applications and log off a shared workstation. The same process now can be done in seven seconds.
Getting in
Sisters of Mercy's log-in process now begins when clinicians approach a computer on a floor. The proximity badges-from Ann Arbor, Mich.-based Ensure Technologies Inc.-are embedded with battery-operated transmitters that emit a signal to small radio frequency antennas mounted on computers. When a clinician comes within six to eight feet of a computer, the badge will send a signal to enable the PC to identify the user. While the computer knows the user's name, a clinician still must provide a second factor of authentication.
They can do so one of two ways-typing in a single password, or identifying themselves by scanning their fingerprint on a biometric scanner attached to the computer via a USB port. The delivery system is using optical fingerprint readers from Stamford, Conn.-based L-1 Identity Solutions, formerly Identix Inc. The scanners can read and recognize a fingerprint from any orientation, be it upside down or from the side.
"We wanted to implement a 'zero touch' keyboard log-in, and it's been a very efficient way to access the network," Gutsche says. "Within a few seconds they are in Cerner, Meditech and all the other programs." Users, however, can still log in without using the biometrics system or proximity badges by typing in both a user name and password.
Keep it private
During the initial phases of implementation, some users raised privacy concerns about having their fingerprints scanned, Gutsche says. "Occasionally someone would say they don't feel comfortable," he says. "But then we explained that we're not storing the image but a bunch of zeros and ones." After the fingerprint image is scanned, a computer algorithm transforms it into a template, or random string of numbers, and the image is discarded.
The single-sign-on software interfaces with 23 applications, including most of the clinical applications needed on a daily basis by the medical staff, Gutsche says. Users not only can log into all authorized applications at one time, they also can pull up patient data from multiple applications through one search. Previously, clinicians had to log into each separate application to retrieve the data, Gutsche says.
An unexpected benefit of the authentication system has been audit reports generated by the single-sign-on application, Gutsche says, which tracks who logged on the systems at what computer. The I.T. staff is using those reports to pinpoint where the high-traffic areas are on the floors and devise plans to add more computers in these areas, he says.
Sisters of Mercy has programmed security procedures into the log-in system to ensure compliance with the security regulations mandated by the Health Insurance Portability and Accountability Act.
If a clinician walks six feet away from the workstation they're logged into, the screen will go dark and the computer will lock. If they return to the workstation in less than 10 minutes, the proximity badge will unlock the computer and display the session where the user left off. If they're are gone longer than 10 minutes, they will need to reauthenticate with their fingerprint or password.
If one user is logged onto a computer, other clinicians will not be logged on if they come within the range of the RF antenna. However, if the clinician who is logged in walks away, the system will enable another user to log in and erase the screen that was on display for the first user.
The health system also uses the biometric/single-sign-on system for computers mounted on mobile carts, but it has reduced the range of the signal so that if a nurse walks just a few feet away to check on patient, the screen goes blank.
The HIPAA factor
HIPAA requirements are a driving force behind the use of biometrics in health care, says Victor Lee, senior consultant at the New York-based International Biometric Group. Not only does it provide another layer of data security, but it also provides irrefutable evidence of who was accessing information, Lee says. If a HIPAA security or privacy breach is detected, for example, a user can't deny they accessed data if they were authenticated by a fingerprint scan, he explains.
HIPAA security regulations, as well as the need to speed access to applications, has made single-sign-on and identity management a priority for health care I.T. leaders. Seventy-nine percent of I.T. executives consider implementing single sign-on technology their highest I.T. priority in the next two years, according to the 2006 Annual Leadership Survey conducted by the Chicago-based Healthcare Information and Management Systems Society.
Be the first to comment on this post using the section below.