No matter how sophisticated the EMR that you may be using, logging in and logging out of the record system takes time and requires some discipline with respect to your password management processes. It is important to rotate passwords on a scheduled basis to ensure that access to the data is protected. However, passwords are just one mechanism to access your EMR. There are other tools that also allow authenticated access. For examples, biometric fingerprint readers. The following is an example http://www.zvetcobiometrics.com. The advantage of biometrics is the ability to use something that is unique to yourself - your fingerprint. As long as this is quick and accurate, it would be a simple task to lock your screen on exiting the exam room and login again by touching your finger to the biometric reader. However there have been recorded instances when a biometric reader has not recognized a user because of dirt on the scanner or reduced moisture on the surface of the finger.
A proximity card is an alternative mechanism to login to an EMR. These are devices that allow a user to be recognized simply by walking within a certain 'proximity' of a compatible computer. Each computer must also include a proximity card reader that is programmed to detect a specific card. The beauty of this option is the convenience of being able to walk up to a computer and have it recognize a physician as a user. Upon walking out of the exam room the computer screen would lock until it was next accessed by another authenticated user.
Are you aware of other options for login and authentication? Have you perhaps used a proximity card and reader or a biometric fingerprint reader in your practice or are aware of a colleague who is using one or more of these devices?
The ideal solution is one that provides both speed of access and protection of patient information in a way that allows the physician to practice most effectively.
To share your thoughts or comments, click on the 'Comments' link below
Alan,
A proximity card sounds like an ideal device for time and efficiency, but would the cost be prohibitive for a community-based physician office? I would have assumed that such security devices would only be found in enterprise-level facilities.
Posted by: Allan Horii | February 13, 2006 at 08:42 PM
I agree - cost is likely to be the issue here. However there is probably a price point at which it may be acceptable for a community based physician to purchase a proximity card. If the same practice computers that were being used for an Electronic Medical Record were also being used for access to regional lab results or diagnostic imaging reports, perhaps there could be a shared funding agreement with a health region to cover the cost of the proximity device and reader(s). The question I have is what is reasonable? $200 per physician? $300? I believe it would be important that physicians be required to carry as few authentication devices as possible. Thoughts?
Posted by: Alan Brookstone | February 13, 2006 at 09:52 PM
We have an enterprise solution for our clinic of 20 physicians. We have reviewed a number of alternatives and keep coming back to biometrics because you don't have to remember to bring the device to work. The major drawback of proximity cards was the movement of staff through busy areas and the system becoming confused as the proper user.
Digital card readers were another alternative but there are difficulties with staff and physicians losing cards or leaving them at home. In the next 6 months, we will be implementing a biometric solution and for around the $200 per physician mark.
The only drawback thus far is that our provincial funding requires 2 factor authentication for remote access which means physicians will still need to remember their passwords when they are accessing the system out of the office. If biometrics are used at the office, there is no way the physicians will remember their usernames and passwords.
Posted by: Tim Janzen | February 14, 2006 at 07:46 PM
Hi Tim
Can I ask (perhaps reply by email if you are reluctant to post here) which biometrics system/company you are using please?
Thanks.
Posted by: Jel Coward | February 24, 2006 at 08:33 AM