Forward to Basics: Smart Cards for Patient Identity
Today many, including the Obama Administration and high ranking government officials from both sides of the political spectrum, believe one such area is the healthcare system. The basics of tracking heath records on paper or using antiquated methods proving eligibility and securing payment for services need to be reformed by introducing efficiencies such as electronic health records, moving the United States to a modern medical information infrastructure. The new basic requirements must improve the quality of patient care, reduce costs, minimize provider workflow and address the concerns and efficiencies required to justify investment.
Identity sits at the very core of this reform effort. Specifically, a healthcare identity management system which would be able to validate a person's identity would immediately introduce real benefits to healthcare delivery and the ability to control cost and reduce fraud.
To protect patient privacy and security, the time has come for the US' public and private insurers to issue chip-based, smart card electronic patient identity credentials.
Most likely the health insurance card within the wallets of U.S. citizens today is made of paper or plastic and displays personally identifiable information such as your name, date of birth and gender. It probably does not have your photo on it, yet the US healthcare system uses this card for identity verification at point of service. There may be a barcode or a magnetic stripe on the card; these are to streamline the transaction process, but do not offer any privacy or security protection. In addition the magnetic stripe can be easily copied, introducing a number of fraud concerns like inaccurate medical records, medical errors and the risk and disturbingly growing trend of Medical Identity Theft (MIT).
The U.S. Department of Health and Human Services defines MIT as "the misuse of another individual's personally identifiable information such as name, date of birth, Social Security number, or insurance policy number to obtain or bill for medical services or medical goods." Given it is easily copied, the health insurance card may be putting users at risk and opening the doors for medical errors and fraudulent use.
About 20 years ago, even before the first generation of smart phones hit the market, smart cards were beginning to gain adoption around the world as a secure, standards-based, multipurpose identity credential providing high assurance that the credential belongs to the card bearer. Historically and today, smart cards are used as travel documents, government-issued IDs, health insurance cards, transit cards and driver licenses. In numerous well documented studies, organizations that issue smart card based identity credentials see a significant reduction in fraud and have enjoyed increased operational efficiencies.
To protect patient privacy and security, the time has come for US public and private insurers to issue chip-based, smart card electronic patient identity credentials. With an embedded microcontroller, smart cards have the unique ability to store large amounts of data, carry out their own on-card functions (e.g., encryption and mutual authentication) and interact intelligently with a smart card reader.
Smart cards offer a secure method of storing basic health information on the card like immunizations, allergies, blood type, emergency contact info, etc. Unlike the card in your wallet, a smart health insurance card can be used for identity assurance and strong authentication both physically (at the doctor's office) and virtually (logging into the insurer's web-based portal to make appointments and access personal health records). These are among the multitude of benefits and opportunities that U.S. citizens, including patients and healthcare providers alike, will one day be taken for granted as the new "basic".