« Friday Five: Top 5 healthcare business news items from the MCOL Weekend edition | Main | Reforms and Innovation Needed to Lower Costs and Improve Quality in Healthcare »

Are your healthcare consumers who they say they are?

By Claire Thayer, December 7, 2017


Verifying healthcare consumer identities has become enormously complex requiring sophisticated advanced authentication technology.  A HIMSS report on Patient Portal Identity Proofing and Authentication, tells us that the National Institute of Standards and Technology (NIST) identifies three factors as the cornerstone of identity authentication:


• Something you know (for example, a password)

• Something you have (for example, an ID badge or a cryptographic key)

• Something you are (for example, a fingerprint or other biometric data)


Multi-factor authentication refers to the use of more than one of the factors listed above, which NIST requires to reach a high level of confidence in authentication.  At least one of the factors must contain a secret that is securely presented to the electronic process that is verifying the user’s identity.  A second factor can be used to protect or activate the first. In this guidance report, the HIMSS Identity Management Task Force suggests that incorporation of smartphones as a second factor into the processes of identity proofing and authentication will significantly improve the security of electronic interactions with patients while minimizing the additional cost and difficulty.

This recent edition of the MCOL Infographic and e-Brief, co-sponsored by LexisNexis, focused on the intricacies, complexities and challenges involved with identity management:



MCOL’s weekly infoGraphoid is a benefit for MCOL Basic members and released each Wednesday as part of the MCOL Daily Factoid e-newsletter distribution service – find out more here.

Reader Comments

There are no comments for this journal entry. To create a new comment, use the form below.

PostPost a New Comment

Enter your information below to add a new comment.
Author Email (optional):
Author URL (optional):
Some HTML allowed: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <code> <em> <i> <strike> <strong>