Blogposium: EMR and Biometric Integrations – Facial Recognition, Fingerprint Recognition, Palm Recognition, Retinal Scan. Authentication and Signatures Using Biometrics

EMR and Biometrics Integration
Biometrics (ancient Greek: bios =”life”, metron =”measure”) is the study of automated methods for uniquely recognizing humans based upon one or more intrinsic physical or behavioral traits.

In healthcare information technology, biometric authentication refers to technologies that measure and analyze human physical and behavioral characteristics for authentication purposes most often used with an EMR. In healthcare, the most common physical characteristics include eye retinas and irises, fingerprints and facial patterns with behavioral characteristics inlcude signature and Voice.

Other examples of physical characteristics include facial patterns and hand measurements, while examples of mostly behavioral characteristics include gait and typing patterns. It can be argued that all biometric traits share physical and behavioral aspects.

Biometric Methods

The consensus is that iris scans are superior for accuracy, followed by fingerprint scans. Hand and facial geometry, voice and dynamic signatures generally rank much lower except for the newer technologies which are designed with healthcare in mind and consider environmental conditions as part of the biometric matching.

Iris Scans
Iris scans are currently the “gold standard” for biometric accuracy. Critics, however, are likely to mention that people get edgy when asked to position their eye near any device. Critics are thinking of retinal scans, which require closer proximity (2-4 inches) to a camera and a quick, concentrated beam of light. Iris scans can be performed from farther away at a distance of up to 3 feet.
Fingerprint Recognition
Fingerprint recognition is becoming even more common as many laptops incorporate fingerprint readers into the standard laptop package. Even the new UMPC is being offered with fingerprint recognition.
Facial Recognition
Facial recognition was first implemented for identifying people of interest in large crowds. The government and casinos were the most common users. Some new facial recognition vendors have focused on the privacy and security necessary to be used in healthcare. Facial recognition’s continuous authentication creates a nice framework for ensuring security of clinical workstations. It also paves the way for true single sign on.

Operation and Performance

All of these technologies involve sensitivity trade-offs. Set sensitivity high and scanners will keep out people you want to keep out, but they’ll probably also keep out some who should be allowed in. In healthcare this could mean preventing access to a critical patient’s record. Set sensitivity low and fewer authorized people will be denied access, but so will fewer unauthorized people. This creates a large HIPAA violation.

These tradeoffs in performance of a biometric measure is usually referred to in terms of the false accept rate (FAR), the false non match or reject rate (FRR), and the failure to enroll rate (FTE or FER). The FAR measures the percent of invalid users who are incorrectly accepted as genuine users, while the FRR measures the percent of valid users who are rejected as impostors. In real-world biometric systems the FAR and FRR can typically be traded off against each other by changing some parameter.

Benefits and Problems of Biometrics

Benefits of Biometrics:
Speed of Login – Biometrics is significantly faster than a password login.
Unique Identifier for Patients – In order to avoid duplicate patients in your system a biometric match with previous patients can be used.
Lost Passwords – Costs of managing lost passwords is almost completely removed with biometrics.
Digital Signatures – Biometric authentication can be used to digitally sign electronic documents found in EMR systems. These can range from consent forms to prescriptions to privacy agreements.

Problems with Biometrics:
Register Biometric Identity – In order to recognize your biometric identity you must register your identity. Some biometric registration is done over time during login, but it still requires storing your biometric data in order to recognize you in the future.
Solution or Substance on Your Hands – Healthcare clinicians are often coming in contact with various solutions that make biometrics unable to recognize you. Lotion on your hands is one example using fingerprint authentication.
Speed of Recognition – If you move to quickly you won’t be recognized by the biometric scanner. While still faster than a password this causes relative frustration.
Remove Gloves – Gloves or other equipment may make you unable to use various biometric authentication.
Physical – Some believe this technology can cause physical harm to an individual using the methods, or that instruments used are unsanitary. For example, there are concerns that retina scanners might not always be clean.
Personal Information – There are concerns whether our personal information taken through biometric methods can be misused, tampered with, or sold, e.g. by criminals stealing, rearranging or copying the biometric data. Also, the data obtained using biometrics can be used in unauthorized ways without the individual’s consent.

Active Directory Integration

Most biometric devices can be integrated with active directory to easily manage users and profiles across multiple workstations. There are two possible methods of active directory integration with biometrics. A very common practice is to extend the schema to include new biometric attributes. After extending the schema this change can never be undone. The other method is to use existing active directory attributes for authentication.

Another new feature of biometrics directed to healthcare is shared/kiosk workstations. Active directory integration is usually necessary to create a shared workstation environment with proper security and prevent time spend logging on and off windows.


EMR and Biometrics


About the author

John Lynn

John Lynn

John Lynn is the Founder of, a network of leading Healthcare IT resources. The flagship blog, Healthcare IT Today, contains over 13,000 articles with over half of the articles written by John. These EMR and Healthcare IT related articles have been viewed over 20 million times.

John manages Healthcare IT Central, the leading career Health IT job board. He also organizes the first of its kind conference and community focused on healthcare marketing, Healthcare and IT Marketing Conference, and a healthcare IT conference,, focused on practical healthcare IT innovation. John is an advisor to multiple healthcare IT companies. John is highly involved in social media, and in addition to his blogs can be found on Twitter: @techguy.


  • Great wiki.

    I don’t have an answer for you (perhaps this can evolve with time) but it would be great to have a more qualitative measure of the efficacy of each biometric method.

    I keep hearing that “false positives” are a problem with some technologies- is that the same as FRR?

    Keep it up!

  • I’ll see what I can do to expand the FRR so that it is clearer what type of false positives you can expect from a certain level of matching.

  • I like the article and I like the topic! I’ve had my iris scanned just once. It was at the National Library of Medicine, and it politely told me I did not have access.

    The organization of your article is excellent until you jump right into “Active Directory Integration”. I’d recommend you generalize the section to talk about actual implementations of the technology. Then go into detail about Active Directory as an example, because Active Directory is just one product that integrates with biometrics. You probably want to define what Active Directory is and that it’s a Microsoft product. Also, capitalize both the A and the D. When first reading it, I wasn’t sure if you meant the Microsoft product or not.

    I’m not too familiar with Active Directory and how it implements biometrics, but from a quick Google search, it looks like you need a third party plug-in to get it to work.

Click here to post a comment