By Claire Thayer, December 7, 2017

Verifying healthcare consumer identities has become enormously complex requiring sophisticated advanced authentication technology.  A HIMSS report on Patient Portal Identity Proofing and Authentication, tells us that the National Institute of Standards and Technology (NIST) identifies three factors as the cornerstone of identity authentication:

• Something you know (for example, a password)

• Something you have (for example, an ID badge or a cryptographic key)

• Something you are (for example, a fingerprint or other biometric data)

Multi-factor authentication refers to the use of more than one of the factors listed above, which NIST requires to reach a high level of confidence in authentication.  At least one of the factors must contain a secret that is securely presented to the electronic process that is verifying the user’s identity.  A second factor can be used to protect or activate the first. In this guidance report, the HIMSS Identity Management Task Force suggests that incorporation of smartphones as a second factor into the processes of identity proofing and authentication will significantly improve the security of electronic interactions with patients while minimizing the additional cost and difficulty.

This recent edition of the MCOL Infographic and e-Brief, co-sponsored by LexisNexis, focused on the intricacies, complexities and challenges involved with identity management:

MCOL’s weekly infoGraphoid is a benefit for MCOL Basic members and released each Wednesday as part of the MCOL Daily Factoid e-newsletter distribution service – find out more here.