Medical data security covers a wide territory -- from the transmission, archiving, and distribution of information all the way down to user authentication -- that is, making sure the person who accesses computerized information is the one who's supposed to have it.
Biometrics is part of authentication, the process that prevents intruders and impostors from accessing patient information such as images, test results, and other medical records. It's getting increased attention lately as heightened security requirements converge with rapid advances in technology.
Unfortunately, technology can't answer the larger questions, such as how does one strike a balance between the need for security and the need for immediate access when patients' lives are on the line? Such questions may not yield to easy answers, but they can't be avoided either.
Biometrics is "not science fiction, it's not James Bond anymore," said Herman J. Oosterwijk of the technology consulting firm Otech, presenting at this year's Symposium for Computer Applications in Radiology conference in Philadelphia. Various biometric schemes not only function now, in forms such as fingerprint authentication, but their importance is expected to grow in the U.S. and around the world, he said, especially as a consequence of the impending HIPAA security requirements to be implemented during the next 2-3 years.
Why would someone want unauthorized medical information? Well, suppose a famous sports figure had an MRI showing a less-than-perfect knee. "With a problem knee, his market value might go from $25 million down to only $5 million dollars a year," Oosterwijk said.
There are other scenarios, such as potential discrimination resulting from a positive HIV antibody test, that underscore the need for controlled access to information, he said.
According to Oosterwijk, there are three ways to authenticate users: by knowledge, by possession, and by property. Knowledge-based systems, such as pin codes and passwords, are inexpensive, widely available, and easy to use, he said, but they can also be lost, forgotten, or easily transferred.
"Every time I go into a hospital I see yellow stickies on the computers, 'User: System, Password: System.' It's the worst-kept secret," he said.
Then there are possession-based schemes, such as credit cards or electronic keycards. They're effective and inexpensive as well, but can easily be lost or transferred to unauthorized persons. In contrast, biometrics relies on an individual's physical properties or characteristics for authentication. Of the three methods, biometrics is the hardest to illegally replicate, he said, because individual properties, such as fingerprints, can't easily be copied.
Fingerprint scanners are among the most widely used biometric methods due to their low cost, ease of use, and technical accuracy, Oosterwijk said. But they don't work well in environments where hands need to be gloved, or special gels such as those used in ultrasound are required. And culturally, he said, criminal connotations associated with fingerprinting can make users hesitant to embrace the systems.
Hand scanners compare information on the distinctive characteristics of a person's hand with information in a database. Because the archived data is based on the geometric outlines of the hand, the systems are fast and efficient, with low data storage requirements. However, they don't work well for people with unusual characteristics, such as missing fingers, or impediments to movement, such as paralysis, that might prevent them from moving hand to scanner, Oosterwijk said.
Facial analysis has a high level of user acceptance, but it's technically difficult, and requires a large database to store the information.
Science-fiction fans might be intrigued by retina scanners, which use infrared light to scan the iris. Unlike fingerprint or hand scanners, they work well in places that require gloves, or where hands may get dirty. Yet they don't work for many sight-impaired people, or for those with artificial eyes. And according to proponents of iridology, the iris itself can change in the presence of organ dysfunction or disease, which could lead to misauthentication. Retina scanners "don't seem to be 100% accurate," Oosterwijk said.
Other biometric authentication methods rely on behavior, as well as a person's unique physical characteristics. Keystroke analysis, for example, continuously monitors a user's typing patterns. If someone were to leave the room and another person were to sit down and start typing, access could immediately be terminated, even though the user was already logged in.
Disadvantages to keystroke analysis include a possible need for dedicated terminals, and low practicality in the event of changed behavior, such as slower typing due to operator fatigue. Similarly, he said, signature analysis requires a person's signature to remain fairly constant.
Farther on the horizon, but coming soon, are devices such as ear recognition scanners, odor detection devices, and sweat-pore analyzers. Even Gattica-style instant DNA analyzers will be available before too long, but they're probably not practical for use in the medical environment, he said.
Still, Oosterwijk cautioned that authentication is just a small part of the security picture. Moreover, he said, the level of security and particular authentication methods need to be considered in terms of what is practical, with an eye on legal requirements and patient safety.
For example, he asked, what if you were working in an ER, and access to a patient's records required biometric authentication from a radiologist who couldn't be located? It's easy to see how a hospital could be held liable for not being able to properly treat the patient, he said.
"The point is, how much security do you need? This is an area of some concern. If you oversecure, you might eliminate access and become part of the problem. In my opinion, you need to be on the loose end, and make sure people have relatively easy access."
By Eric BarnesAuntMinnie.com staff writer
September 19, 2000
Copyright © 2000 AuntMinnie.com
