Healthcare

Electronic Medical Records and Personal Health Records

The medical records of tomorrow have already started to replace paper records as part of the digital revolution. As business challenges to adoption of electronic health records (EHR) and personal health records (PHR) dwindle, the technical barriers of security and authentication require attention. It is this arena in which the Anakam Identity Suite™ provides the greatest benefit.

For those considering the implementation of EHR or PHR solutions, the alternatives for authentication are varied. In the end, however, the diverse user base in this effort – patients, family members, practitioners, support staff, administrators – benefits from a solution set that removes the dependency on the distribution of costly end-user hardware. Instead, Anakam.TFA™ Two-Factor Authentication enables remote authentication of users across a variety of media already in their possession: cell phones, pagers, desk telephones, and Internet access. Through this ubiquitous and inexpensive approach, Anakam enables EHR and PHR vendors and those who implement their products to meet the security needs and requirements of the data protected within the systems.

To further enhance the EHR and PHR solution sets, the Anakam Identity Suite™ also includes Anakam.IDP™ ID Proofing that provides remote identity verification and the Anakam.CGW™ Credentialing Gateway that allows the verification of credentials against a reference repository once the identity has been confirmed. Now, as the patient seeks to have more control over how their medical information is shared and viewed, they can restrict it only to those who have actually passed an ID proofing transaction and have the appropriate credentials to view the record. Finally, Anakam.DPS™ Data Protection System encrypts records at rest and in transit such that they can only be viewed by those who have authenticated properly with Anakam.TFA™.

Electronic Prescribing

Electronic prescribing (eRx) has been around for years, but adoption has generally been poor across the industry. Original implementations of eRx have leveraged public key infrastructure (PKI) to authenticate the individuals in the transactions and digitally sign the prescriptions. For those who have experience with the complexities of PKI implementations including credential distribution, token distribution, and end-user authentication, the impediments to success are readily apparent.

With the advent of the Anakam Identity Suite™, the eRx landscape has changed dramatically. eRx applications can leverage the already deployed infrastructure of cell phones, pagers, desk phones, and web access to use the Anakam.TFA™ Two-Factor Authentication solution to validate the identity of the person conducting the transaction. Additionally, since Anakam.TFA™ can be customized to the environment, practitioners can be challenged only when the environmental variables demand a challenge if the enterprise security policy allows it. This reduces the inconvenience experienced by the practitioners in their clinical practice and therefore promotes the acceptance of authentication challenges when they are required.

Additionally, this authentication advantage extends far beyond the practitioner interface. It can also be implemented to enhance the security of transactions with patients by verifying their identity and reducing prescription refill fraud. Further, it can be used to support practitioners by shifting more of the administrative burden of prescription activities to clinical support staff and then having the practitioner approve the final transactions. Finally, pharmacies can also leverage Anakam in their transactions with the pharmaceutical supply chain – wholesalers and suppliers.

To enhance eRX, we have also incorporated identity proofing and credentialing within our application to enhance the existing Anakam.TFA™ authentication process such that you can conduct a hands-free ID proofing transaction with Anakam.IDP™ ID Proofing and then bind professional credentials with Anakam.CGW™ Credentialing Gateway to the identification transaction. The Anakam Identity Suite™ can help increase your confidence that it truly is the practitioner they claim to be on the other end of the transaction and make sure that they are authorized to conduct the transaction that they are performing.

If you have a PKI solution, and just want to make it easier to manage the end users, consider implementing Anakam.TFA™ to enable server side signing of the certificates. Server-side signing allows the end users to authenticate themselves to an enterprise server using our authentication platform, while then enabling the server to implement the PKI. This process makes the management of end-users much easier and the challenge of endless management of revocation lists less challenging. Further, you can even implement Anakam.DPS™ Data Protection System as a digital signature platform to functionally replace a PKI-based solution.

Insurance/Benefits Portals

As health insurance and other benefits issuers utilize customer-facing and provider facing portals to better manage their business by reducing cost and increasing hours of service to their customers, the risk of traditional username password authentication solutions grows. These portals provide electronic access to sensitive patient information, known as protected health information (PHI). With the known vulnerabilities of username/password solutions, portal owners have sought out two-factor alternatives, only, until now, to be daunted by the high cost of deploying tokens, key fobs, or cards to their broad-based constituency.

With the Anakam Identity Suite™, portal owners now have the ability to deploy true two-factor authentication without the cost and logistical burden associated with the deployment of traditional solutions with the implementation of Anakam.TFA™ Two-Factor Authentication. Constituents – patients, practitioners, clinical support staff, employers, and benefits managers – will simply leverage existing assets for authentication. They will take advantage of the broad-based use of cell phones, pagers, desk telephones, and even other Internet access to better establish their access privileges, thereby dramatically reducing the risk of compromise without significantly impacting the flow of business.

As the industry matures, standards and requirements for the use of electronic tools are becoming increasingly clear. For example, the Center for Medicare and Medicaid Services (CMS), in its recommendations for the implementation of the Health Insurance Portability and Accountability Act (HIPAA), has established a recommended guideline for the implementation of two-factor authentication for all PHI. Further, the Health Information Technology Standards Panel (HITSP), in its recommendations for the implementation for electronic health records, recommends the implementation of two-factor authentication and, when single-factor authentications is used, a requirement to notify users of risk of single-factor authentication.

Token/Fob Replacement

Whether you are a hospital facing the ever-increasing costs of maintaining a token or fob infrastructure, or a pharmaceutical company managing the daunting challenges of lost or missing tokens among your sales reps, Anakam.TFA™ Two-Factor Authentication provides a low cost alternative. We eliminate the need for the end-user token or fob – and thereby eliminated the need for complex logistics management, obsolescence planning, and helpdesk solutions. In so doing, the costs of your authentication infrastructure drop dramatically. Additionally, we leverage the tools and capabilities already present within the healthcare enterprise – cell phones, pagers, telephones, and Internet connections – to provide the same level of security as legacy two-factor solutions.

Anakam.TFA™ also enhances the end-user experience by enabling the customization of the challenge process based upon a series of pre-established environmental variables driven by IP analytics and situational behavior.