Providers considering two-factor authorization, which requires users to provide at least one more proof of identity beyond user name and password to access information systems, face a big issue early on by deciding which members of the organization will use the new technology.

In some cases, it may make sense for all personnel who access multiple systems to move to two-factor authentication. But that could be financially prohibitive for hospitals that may decide on a limited deployment to select groups of employees, or to physicians and nurses who spend the day moving from workstation to workstation.

Providers also have multiple options for the additional identity measure, such as a biometric scan, token, scanning an ID badge with a reader on the computer, or a smartphone app that sends a PIN to the computer and the user then enters a password, says Dean Wiech, managing director at Tools4ever, a vendor of two-factor authentication software.  Further, Microsoft Windows 10 has a camera that supports facial recognition software.

Also See: Hospital Use of Two-Factor Authentication Grows, Not Enough

Price obviously will factor into the decision on what type of authentication to use; for instance, badges and readers can be expensive, Wiech adds. On the other hand, if a hospital already uses badges to authenticate cafeteria purchases or parking, it might be financial feasible to use the badge to also access computers. Biometrics also could be feasible as “there’s no expense for fingerprints,” he notes.

During the vendor selection process, Wiech suggests the information technology department conduct a proof of concept pilot test with a couple vendors to assess flexibility, speed of implementation and other factors to give providers some options to consider.

Questions to ask during vendor selection include common concerns such as the platform that authentication will run on, pricing, types of applications supported (mainframe, cloud or Windows apps), number of years in business and number of customers, the roadmap for product updates, whether the vendor supports established standards and how current the vendor is with Microsoft updates, Wiech says. But providers also need to ask about encryption methodologies and whether they are self-configurable or the vendor must be re-engaged each time a new app or version is introduced.

Single-sign-on software is also critical for clinicians on the floor and in the pharmacy. Wiech recommends virtual desktop integration where the desktop is hosted not on a particular computer but on a server, and use of Follow Me technology that several vendors support to enables users’ sessions to follow them where ever they go while accessing different computers.

Register or login for access to this item and much more

All Health Data Management content is archived after seven days.

Community members receive:
  • All recent and archived articles
  • Conference offers and updates
  • A full menu of enewsletter options
  • Web seminars, white papers, ebooks

Don't have an account? Register for Free Unlimited Access