Biometric fingerprints – The Barmherzige Brüder hospital group, Austria’s biggest private hospital chain, has dispensed with passwords, in preference for biometric fingerprint access to its systems. In its previous system ‘account groups’ of users could access and amend patients’ medical records: this was found to be outdated, insecure and unsafe, with managers unable to directly tell who had accessed any particular records and when.
The group’s first hospital to go live was in Graz; since last April, 270 members of staff have used a biometric solution delivered by Siemens IT Solutions and Services.
The group is now introducing the system across nine hospitals and three nursing homes. Password log on will go when each access point to the hospital information system (HIS) will be equipped with a PC mouse with biometric sensor to identify a user by his or her fingerprint.
Michael Wiltschnigg, the group’s IT chief, said the system was successfully tested for three months last year and is now being introduced to more of its hospitals. ‘The staff can now access the system within 2-3 seconds, whereas when we had a password system it took up to 15 seconds. Our users log in to our health information systems up to 50 times a day, so throughout the day that saves a lot of time. It’s also much more secure than with the former password system.’
Barmherzige Brüder also points out that it is now easier to tell which user had accessed the system and which documents they had read or changed. However, to access the system users need to have clean fingers and not be wearing gloves.
By mid-2009, when implemented across all the group’s centres in various locations (e.g. Vienna, Linz, Salzburg), it will be used by about 3,500 employees.
One smartcard and PIN – England’s Norfolk and Norwich University Hospital aims to introduce a new, single sign-on framework that will enable clinical users to log on to all software applications using one password. Initially it will implement Imprivata’s Single Sign-On software across its busy A&E department. If successful, the system will be deployed Trust-wide.
The OneSign appliance-based authentication and access management solution – to be installed by Enline – will integrate with existing Connecting for Health (CfH) smartcard technology, allowing users to sign on to all applications using one smartcard and pin number. Presently, employees must remember multiple usernames and passwords.
With OneSign the Trust can monitor, capture and log password-related user events in a centralised audit log and administrators can monitor access records for every user, application or workstation in one central location.
Bill Fisher, the Trust’s Head of IT, said that the system should deliver additional efficiency savings through a reduction in downtime caused by users who are locked out of their computers and have to call the IT helpdesk.