Smart Card Alliance Submits Comments to ONC: Multi-Factor Authentication Must be Incorporated into Meaningful Use Stage 2
Princeton Junction, N.J., March 3, 2011–The requirement for strong, multi-factor authentication needs to be incorporated into Stage 2 of Meaningful Use in order to adequately protect identities, networks and information systems, the Smart Card Alliance says in a statement submitted to the Office of the National Coordinator (ONC) for Health Information Technology.
The Smart Alliance submitted its comments to the ONC, U.S. Department of Health and Human Services, on February 24, 2011, in response to the Health IT Policy Committee’s Request for Comment – Stage 2 Definition of Meaningful Use of Electronic Health Records (EHRs) [PDF – 126 KB].
The proliferation of electronic health records and the sharing of sensitive information through health information exchanges means that increasing amounts of private medical information will be stored online, and an ever growing array of individuals and organizations will be granted access. Strong authentication combined with appropriate access and audit controls will be critical to maintain a secure, private and trusted health information system. This will require a solid identity management infrastructure for healthcare.
With the weak username and password authentication that is in place today, personal health information will be at serious risk; for example, tabloids could gain access to a celebrity’s health information, or a political candidate’s health information could be used against them by the competing party. High profile citizens aren’t the only ones at risk; the average person’s employment, insurance eligibility, and community status could be affected if their health information is compromised. Once information is disclosed, it cannot be made private again.
With the nation’s health IT infrastructure is in a fledgling state, the ONC should require multi-factor authentication solutions based on smart card technology that have been proven to thwart hackers and provide very high confidence that the person requesting access to a network or an individual health record is who they claim to be. Issuing patients and providers secure identity credentials based on smart card technology will reduce medical identity theft, bring numerous efficiencies to existing healthcare administration systems, and is in line with the National Strategy for Trusted Identities in Cyberspace (NSTIC) for access to electronic health records.
“Multi-factor authentication based on smart card technology provides an ideal foundation for improving the security and privacy of health information systems and electronic health records,” said Randy Vanderhoof, executive director of the Smart Card Alliance.
Read the Smart Card Alliance’s full statement at /publications-public-comments-regarding-stage-2-of-meaningful-use.
About the Smart Card Alliance Healthcare Council
The Smart Card Alliance Healthcare Council brings together payers, providers, and technologists to promote the adoption of smart cards in U.S. healthcare organizations. The Healthcare Council provides a forum where all stakeholders can collaborate to educate the market on how smart cards can be used and to work on issues inhibiting the industry. Healthcare Council participation is open to any Smart Card Alliance member who wishes to contribute to the Council projects.
About the Smart Card Alliance
The Smart Card Alliance is a not-for-profit, multi-industry association working to stimulate the understanding, adoption, use and widespread application of smart card technology.
Through specific projects such as education programs, market research, advocacy, industry relations and open forums, the Alliance keeps its members connected to industry leaders and innovative thought. The Alliance is the single industry voice for smart cards, leading industry discussion on the impact and value of smart cards in the U.S. and Latin America. For more information please visit http://www.securetechalliance.org.