Fingerprint Biometrics Allow Hospitals to Securely Access e-Prescriptions, EHRs

Biometrics firms Bio-key and Lumidigm aid Genesis HealthCare System in Ohio in implementing finger-based biometrics for e-prescriptions and electronic health records.

Biometrics firms Bio-key International and Lumidigm have joined to help nonprofit Genesis HealthCare System in Zanesville, Ohio, add two-factor fingerprint biometrics to its electronic health record and e-prescribing platforms.

Bio-key will provide its biometrics identification software to Genesis facilities, while Lumidigm will contribute its Mercury fingerprint reader.

"As a result of our testing, we determined that Lumidigm's Mercury sensor provided us with the best performance, including the ability for our staff working in isolation rooms to establish their identity when wearing latex gloves," Ed Romito, vice president and CIO of Genesis, said in a statement.

The implementation with Genesis took less than five months, according to Romito.

Lumidigm's multispectral fingerprint sensors work for users suffering from dry skin or those wearing latex gloves, which many health care workers would rather not remove. "Because skin dryness is so prevalent in the health care industry, due in part to constant hand washing, traditional fingerprint sensors can produce up to a 20 percent failure rate," Bill Spence, Lumidigm's vice president of transaction systems, said in a statement. "In other situations, when the policy allows it, health care workers wearing latex gloves do not want to remove them to use the biometric reader."

The application's mathematical model authenticates the user's data at the time of transaction.

In the current phase of the project, 2,000 staff members at Genesis are using the application. In an additional phase, Genesis will use Sentillion's Vergence single-sign-on application. Sentillion is a unit of Microsoft.

Doctors and pharmacies have long been required in Ohio to process e-prescriptions using two-factor authentication. In June 2010, the DEA (Drug Enforcement Administration) began requiring two-factor authentication nationwide.

Authentication must include two of the following: "something you know (a knowledge factor), something you have (a hard token stored separately from the computer being accessed), and something you are (biometric information)," according to the DEA rule.

Biometric authentication provides an easy way to satisfy these requirements, Bio-key and Lumidigm report.

Health systems use fingerprint biometrics to check a user's identity at the beginning of a transaction and eliminate the need for passwords, according to Ben Hammel, Bio-key's director of identity-management solutions. "It also eliminates the sharing of identities so that the authorized person is completing the transaction," Hammel told eWEEK. "It creates a physical authentication."

With the enhanced user logs the Bio-key software can create, health care providers are able to improve their security auditing, according to Hammel.

The Bio-key application can also process multiple identities for individuals, especially if they've changed addresses. "The fingerprint allows you to correlate different names with one identity, thereby eliminating duplicate submission for insurance or test requests," Hammel said.

With patients already providing DNA samples such as blood to show identity, submitting a fingerprint is not a big adjustment in the health care industry, he explained.

When users touch the Lumidigm reader with their finger, Bio-key software extracts mathematical data and sends it back to the enrollment service for verification.

The Bio-key software is compatible with hardware from several other single-sign-on vendors as well, including Computer Associates, Evidian, IBM and Oracle.

Bio-key also integrates its biometrics application into the order-transactions process of Epic's EHR (electronic health record) platform and AllScripts' Sunrise Clinical Manager application.

Lumidigm and Bio-key announced their partnership with Genesis on Feb. 16.

Meanwhile, on Feb. 21, Lumidigm also announced a partnership with access-management specialist Imprivata to use its OneSign single-sign-on application to access EHRs, or EMRs (electronic medical records) while wearing latex gloves.

"Lumidigm's biometric sensors and OneSign give clinicians fast access to EMR applications regardless of environmental conditions," Ed Gaudet, chief marketing officer for Imprivata, said in a statement. "With support for Lumidigm devices, our customers can leverage their existing OneSign investments across clinician workflows that involve surgical gloves."