Thursday, September 13, 2012

HEALTHeLINK TO ENHANCE EFFORTS TO KEEP PATIENT HEALTH INFORMATION SECURE

Receiving first implementation of certified tokens to validate physician identity

BUFFALO, NY – With patient health information becoming more and more accessible electronically, the protection of patient health data is taking on greater importance. While HEALTHeLINK already uses state-of-the-art security features that include multiple levels of password protection to ensure authorized user access as well as restricted access, the region’s clinical information exchange is enhancing its efforts to keep patient health information secure.

In conjunction with Gemalto, the world leader in digital security and Equifax’s Anakam Identity Services, a leader in identity management, HEALTHeLINK is launching Open Authentication (OATH) certified tokens, a new secure platform which allows flexibility in authenticating participating physicians in accessing their patient health information securely and electronically, while ensuring patient health information is kept private and confidential.

“The OATH solution offers our physicians a highly secure method to access electronic health records even in locations where hospital or clinic policies forbid cell phones for text message delivery or mobile applications,” said Dan Porreca, executive director of HEALTHeLINK. “We have used Equifax/Anakam’s authentication services successfully for several years and this addition allows us to more fully meet the requirements for secure access to patient records and offers flexibility in how we manage that security.”

HEALTHeLINK’s community wide and cost-effective two factor authentication system provides trusted access to, a better record of who is accessing, and more secure online transactions for physicians accessing the private information of their patients. Once first factor authentication is entered, such as a user name and password, it triggers the second factor authentication, which is a one-time passcode delivered to the physician through an existing device such as a text message to cell phone or phone voice delivery. Once authenticated, the user is able to access the clinical information exchange.

OATH certified tokens meet recent federal guidelines for two-factor authentication and are a secure solution to accommodate situations in which physicians are unable to receive their one-time passwords through text messaging or interactive voice response. Physicians often face network coverage problems in hospitals and are unable to utilize a mobile device.

Unlike paper records, every time patient medical information is accessed through the HEALTHeLINK the user is logged with an electronic fingerprint. This access can be audited to ensure that patient health information is only being viewed by the physician(s) providing treatment.

“Keeping my patients’ medical and clinical information secure is of utmost importance when accessing their electronic medical records as well as obtaining lab reports and other information through HEALTHeLINK,” said David Ellis, MD, director, division telehealth/attending physician, Emergency Department, Erie County Medical Center and chief of emergency medicine, VA WNY Healthcare System. “As I regularly access my patients’ records from a number of different locations, including my office and at the hospital, it gives me peace of mind to have this added level of security if I’m in a setting that won’t allow me to receive authentication information on my mobile device.”

No comments:

Post a Comment