A Biometrically Controlled Healthcare System

I recently had a nice conversation with Brian Dubin, VP at CERTIFY, where we discussed biometrics in healthcare. Brian got me interested when he described CERTIFY as a biometrics based “big data” company. When I first started this blog, I fell completely in love with all the various biometric options. Check out one of my first posts on Facial Recognition back in April 2006. Shortly after that I even made this EMR and biometrics contribution to a healthcare IT wiki as part of a “blogposium”. [Excuse my moment of nostalgia]

While CERTIFY works with all of the major biometric fingerprints: Finger, Palm, Iris, Facial, Voice, and Signature, I was even more intrigued by a discussion we had around a healthcare system that was biometrically controlled (my word not CERTIFY’s). I realize that the word “controlled” might have negative connotations surrounding it, but I think it is fascinating to consider all of the ways that your biometric identity could be incorporated into healthcare.

Here are some examples I’m considering (some are a reality today and others will be in the future):
Arrive at the office – Imagine that when you arrive at the hospital or medical practice and a video camera grabs your image and the front desk already knows who you are and can say, “Hi John, glad to have you hear today.” Yes, this freaks out some people, but many of the front desk people remember the faces of the patients. Now they can know your name and check you in much quicker.

Positive patient identification – If you don’t like the video camera identification of a patient, you can also do positive identification of the patient using biometrics in a less big brother’s watching you way. When they sit down at the desk to check in, the patient can use a biometric device to identify themselves. Technology like the one I talk about in my post Retina Scanning vs. Iris Recongition are what can be used for this approach.

Voice recognition for a call center – Imagine when you call into a call center they used voice recognition to identify you. This could be used to access your information more quickly. Although, it could also be used to make sure that whoever the person in the call center pulled up matches the voice on the phone. This could solve them pulling up the wrong “John Smith.”

Single sign on – If your biometric identity is stored in the cloud, then that should make that identity available on any system. Plus, I’ve always been fond of single sign on with Facial recognition. The camera is always watching if you’re there or not and so if you open a new application it can immediately authenticate you since it’s constantly authenticating your biometric identity.

I’m really intrigued by the idea of using biometric identities across multiple systems. I’ve heard many hospital CIOs talk about the hundreds of IT systems they have to support. I’ve also heard doctors and nurses complain about the number of logins and passwords they have to remember. Could biometrics be the solution to this problem? Could a biometric identity be shared between systems or would each system need to do more of the traditional single sign on integration?

Unattended computer – Related to the single sign on, facial recognition can also identify when you’re no longer at a computer. If you leave the computer it can automatically lock the computer to ensure that the health data is kept private. You have to balance how quickly the device locks, but this can be great for security.

Location access – A lot of places already do this with fingerprint or palm scans to access private areas. Plus, this prevents the sharing of keys. You can’t really share your fingerprint very well.

Signatures – There’s certainly an art and identity in someone’s signature. However, why don’t we incorporate even more biometrics into someone’s signature? The combination of a signature plus some other biometric identity would be even more powerful. Plus, when I sign to pick up a prescription, if the pharmacy knew my fingerprint, they could indeed verify that I was the right patient.

HIE identification – I don’t know anyone that’s doing this, but I wonder if instead of trying to make a unique patient identifier, using social security numbers, or some other convoluted method of identity management, could we just use someone’s biometric identity? If we aren’t there today, I think we’ll get there eventually. I’m sure there could be mismatches when it comes to matching two biometric identities that were captured by two separate systems. However, we have plenty of mismatches using ssn, name, birthdate, etc. Maybe the real answer is a combination of biometrics and name, birthdate, etc.

A Biometric Healthcare Experience
Those are some general examples. Now let’s imagine a patient visit where they walk into the hospital and are immediately recognized as a patient seeing Dr. Jones for a surgery. The front desk knows who you and has you sign any forms using your biometrics and then directs you to room 315. When you arrive at room 315 you gain access to the room using your biometric identity. The nurse arrives to prep you for surgery and knows she’s working on the right patient because of your biometric identity.

The nurse signs into the EMR using facial recognition and that biometric identity is captured so the EMR knows exactly who is entering the data into the system. The lab arrives and attached your biometric identity to the blood draws and the results will automatically be sent to the EHR matching on your biometrics.

Your doctor writes a prescription for you which gets sent to the pharmacy. The pharmacy knows that he is indeed a doctor based on the biometric identity of the doctor. Once you go to pickup the prescription they verify your biometric identity to ensure you’re in fact the right patient for that prescription. You later go to your family doctor who’s received all of the information and reports from your surgery which were easily matched to you thanks to your biometric identity.

I could keep going, but I think you get the idea. I’m sure there are major holes in the above example, but I think it’s interesting to consider what a biometrically controlled healthcare experience would look like. Plus, to take a line from Google’s Founder, maybe I’m still thinking too small. It’s possible that biometrics will be able to do so much more. It’s not going to happen tomorrow or all at once, but I’m certain that biometrics will play a big part in the future of healthcare.

I’d love to hear your thoughts on this. Are we on the path to a biometric controlled healthcare system?

About the author

John Lynn

John Lynn is the Founder of HealthcareScene.com, a network of leading Healthcare IT resources. The flagship blog, Healthcare IT Today, contains over 13,000 articles with over half of the articles written by John. These EMR and Healthcare IT related articles have been viewed over 20 million times.

John manages Healthcare IT Central, the leading career Health IT job board. He also organizes the first of its kind conference and community focused on healthcare marketing, Healthcare and IT Marketing Conference, and a healthcare IT conference, EXPO.health, focused on practical healthcare IT innovation. John is an advisor to multiple healthcare IT companies. John is highly involved in social media, and in addition to his blogs can be found on Twitter: @techguy.

8 Comments

  • Biometric data is hard coded, not replaceable making it a poor authentication choice. My 10dig passcode is compromised? I get assigned a new one. What happens when my fingerprint data is compromised? I was first fingerprinted at age 8. Again at 17ish. Again for my carry permit, and several background checks and more than a a few occasions I’d much rather forget. My biometric data is free and open to everyone I ride the subway with…

    Biometric data is hard coded, and as much as we’d like to believe it can’t be forged, it’s only a matter of time.

    Maybe I’m just paranoid, but I dont think it’s a wise progression to link identity and data in such a manner.

  • Lauren,
    You make an interesting point about if a biometric identity is compromised, then it’s compromised for good. People aren’t going to go and get their biometric identity changed.

    In healthcare, this isn’t an issue since you’re suppose to have 2 factor authentication anyway. So, it would have to be your biometric identity and a passcode which could be changed.

    Plus, there are a number of places where it’s not so much about security as it is service. So, in those cases it can be really valuable.

  • I understand 2 factor auth, but I kindly disagree with the point that it doesn’t matter if one of those auths is permanently compromised, effectively leveling security to the original single auth . It’s no different than using your SSN where the ripple effect of compromise is similar without the safeguard of reset.

  • Biometrics are better suited within a multi factor authentication scenario. For example, scan my “affinity card”, enter my basic info (last name, first initial) and use the biometric as the “PIN” (personal ID number / password) to confirm (authenticate) identity. This is because the most biometrics do not return a unique (easily, technically searchable) value that can be used as an identifier as-is. Rather, the biometric is a changing value (different when enrolled and each time it is read) that is statistically identical through some complex algorithmic process. (Check out any “FBI” TV show or movie – how long does it take their ‘system’ to search through millions of finger-print records to find a match?! Now, how fast can the DMV find your record based on your Driver’s License (unique value/key)?).

  • […] Stores recognize you: Here’s one I can see direct healthcare applications for; next year, Gownder predicts, will be the year in which you walk into a store and the store “recognizes you” and tailors your experience accordingly. I can see this being relevant in virtually any public-facing healthcare setting, including the ED, medical clinics and perhaps even EMT settings. Sounds very much like John’s description of a “biometrically controlled healthcare system. […]

Click here to post a comment
   

Categories