As more and more medical information is digitized and available electronically, the risk for data breaches increases. It is here that the importance of Smart cards comes into picture. Being available since the 1970s, smart cards can be programmed with a multitude of applications including storing and processing data, accessing data and other functions.
Smart cards lock down medical data bases providing encryption and secure transmission, thus allowing access only to identified and approved users. The card also allows for pre-defined and assigned roles so sensitive data can be seen or acted upon on a “need to” basis.
Smart cards can provide speedy access to data when confronted with hurricanes like Katrina as well as other disasters. By using the smart card, with a password and user name or a biometric identifier, the medical records can be securely linked to the identification of the person seeking the information.
Most access to data, software, financial and other information relies on user names and passwords which can easily be cracked. Smart cards provide at least another factor of authentication by requiring that someone has the card and the password or the card and the biometric identifier for more security.
When matching up records, the most common identifier is name. Since names are not unique, records can be easily misfiled. Hospitals spend thousands of dollars each year cleaning out duplicate records. A biometric identification card at registration uniquely identifies a patient and eliminates this initial problem leading to fewer administrative headaches.
Current efforts to combat medical identity thefts are limited. Oftentimes, medical providers ask for a photo-id to further verify identity. However, these methods have proved to be inadequate. A biometric identity card ensures that the person presenting for services is who they say they are.
Thus, smart cards provide enhanced security necessary to comply with HIPAA, the “Red Flags” Rules and other privacy and identity laws and rules by providing secure and private access to data, coupled with certainty of identity of users and their roles.
