When using computers in healthcare, there is not much that seems more mundane (and irritating) than having to change your password on a regular basis. Government organizations and hospitals excel at requiring users to change their password every 42 days. Not sure why this particular number of days was selected — perhaps there is evidence that this is the safest timeframe. However, when one has to access multiple systems (EMR, Hospital system, Provincial EHR, Diagnostic systems) each with their own password renewal cycle, it can become a full-time job managing passwords. Add to that the need to never use the same password twice, plus the requirement for passwords to be of differing lengths and contain specific characters, and you have a formula for password perdition. Click here to read a very amusing (and unfortunately accurate) summary of the challenges of password management.
A number of years ago, I had the opportunity to work in a regional health authority as a member of the IMIT team. I met and spent time with a number of security and identity management specialists and was astounded at the complexity of identity management and how many different options exist to identify and authenticate users of computer systems. As a general rule of thumb, the more stringent the control, the more complex to use. The ideal option is to have high security with maximum ease of use. Unfortunately identity management often gets in the way of easy access to clinical data, particularly when there are multiple individuals using the same computer terminal.
In a medical practice, it is not uncommon to find a list of passwords on a sticky note attached to a computer for easy access by staff, particularly if needed to access clinical applications on the physician's behalf. The medical office is designed for maximum efficiency using whatever workarounds necessary to focus on the job at hand — namely, caring for patients.
Implementing a robust identity management program is a challenging change management exercise and one that is likely to be resisted for all the reasons provided above.
So, are there viable alternative options to passwords that are just as secure and do not require the dreaded 42-day password renewal? One option is to use a proximity card. This is an electronic wireless card that automatically athenticates a user when you are within a certain distance of a computer terminal. To read an earlier blog post on proximity cards, click here. However, proximity cards are not a perfect solution. They are costly and also are difficult to use if there are multiple proximity cards used within a practice. For a new user to login to a computer, the existing user has to move out of the critical proximity of the terminal to “log out” and the new user then can move into that zone to login. Efficiency is degraded because of the time lags in logging in and out. Another option is to use a thin client (such as an Oracle Sun Ray terminal). If the EMR is run on a remote server, the software can be accessed using a process called virtualization on these terminals. This probably does not mean much to readers, but how it works is that each user has a unique card. Upon entering the exam room, the card is plugged into the terminal and the same software session is immediately displayed as when removing the card from the previous terminal. This is fast and does not require multiple passwords or other factors to login or out. Not all EMRs can operate using Sun Rays; however, it is certainly a viable option. If you have an opportunity to see a Sun Ray based practice in action, I highly recommend you do so.
What are your experiences with passwords? Do you suffer from password fatigue. Do you have any suggestions for readers of this blog to help them with their identity and password management strategies? Add your thoughts by clicking on the “Comments” link below.