
Identity: The Key to the Future of Healthcare

© 2010 Anakam® Inc. 2

Why is Health Information Technology Critical?

• Avoidance of medical errors.
  o Up to 98,000 avoidable annual hospital deaths due to medical errors.
• Avoidance of healthcare waste.
  o Up to $300B spent annually on treatments with no health yield.
  o We spend 2X per capita compared with any other industrialized nation.
  o We rank last in population health status.
• Acceleration of health knowledge diffusion.
  o Average of 17 years for medical evidence to be integrated into practice.
• Reduction of variability in healthcare delivery and access.
  o Access to specialty care is highly dependent on geography.
• Promotion of public health and preparedness.
  o Surveillance is fragmented and untimely.
• Empowerment of consumer involvement in health management.
  o Patients are currently minimally involved in their own health decisions.
• Strengthening of health data privacy and protection.
  o Public fear of identity theft and loss of privacy.
• Healthcare Reform cannot do these things without HIT.
  o Paper records cannot solve these problems!

© 2010 Anakam® Inc. 4

Evolution of Healthcare Paradigm

[Figure series (slides 4 to 13): a diagram of the Exam Room built up step by step. It starts with Patient and Clinician sharing Paper Records, then adds an Electronic Health Record System, a Clinical Decision Support System, a Secure HIE Network, External Electronic Data Sources (Labs and Pharmacies), AHRQ Best Practice Rules, Public Health, and Quality Reports to Clinicians, Payers, and Public, with the caption "Complete the Feedback Loop". The final slide marks both Patient and Clinician with "ID ?".]

Future for Healthcare

• Goal: High quality, cost-effective healthcare.
• Means: Clinician/Patient interaction with Clinical Decision Support System (CDSS).
• Requires: EHR (with CDSS and HIE) and:
  o Interoperability with sources of clinical data and sources of computable rules for best clinical practices.
  o Incentives to incorporate into healthcare practice.
  o Investigations of systemic failures to allow building systems that detect and prevent errors through feedback at the point of decision making.
• Trust through agreement on standards for interoperable security and privacy (including patient consent).


HIE is the Backbone of Reform

• Standardized, encoded, interoperable, electronic, clinical HIE saves money*:
  o Net Benefits to Stakeholders of $78B/yr.
    - Providers: $34B; Payers: $22B; Labs: $13B; Radiology Centers: $8B; Pharmacies: $1B
  o Reduces administrative burden of manual exchange.
  o Decreases unnecessary duplicative tests.
• HIE + EHR + CDSS => SAVES LIVES and $!
  o e.g., Kaiser, Geisinger, VA, …
• Interoperable HIE is KEY to Meaningful Use of HIT which, in turn, is KEY to health reform!

*Center for Information Technology Leadership, 2004


Trust is the Ligament that Holds It All Together

• Loss of perceived control of PHI.
  o Provider not in charge.
• Access to large amounts of PHI accumulated by HIE.
  o Increased risk.
• Providers must trust the HIE system.
  o Lack of trust = no information exchange.
• Patients must trust the HIE system.
  o Lack of trust = no permission to disclose health records.
• HIE will fail without access to PHI.
• Trust depends on believable privacy and security mechanisms and a clean track record …

Large-Scale, Cost-Effective, Authentication and Identity Management Solutions


Believable Security Requires Identity Assurance

• High level of assurance that the person who is sending information is who they say they are.
  o Message non-repudiation.
• High level of assurance that the person who is receiving information is who we think they are.
  o Including mechanisms to prevent information from being changed or viewed by anyone else.
• High level of assurance that the patient identified in the information is who we think they are.
  o Patient identification accuracy.
• These mechanisms are dependent on high assurance identity proofing and multi-factor authentication.
  o NIST defines requirements for high assurance at Level 3.


Identity of Patient

• No national standard for how to uniquely identify patients.
• Merge records from multiple locations.
  o Matching probability is not 100%.
• In-person identity proofing is impractical.
  o VA currently requires it for MyHealthyVet.gov.
  o Providers don’t want the job.
• Electronic access to medical records.
  o Internet access to a patient portal is a requirement of “meaningful use” to fulfill the consumer engagement goal.
• Electronic recording of consent directives.
• Fraud prevention in public programs.
  o E.g., Medicare and Medicaid.


Identity of Provider

• Remote access to patient information (HIPAA).
  o Access from home.
  o Access from wireless devices.
  o Access from patient home.
• Access to government held PII.
  o OMB, FISMA, NIST.
• Submission of quality information.
  o Pay for performance programs.
  o Meaningful Use incentive programs (CMS).
• Electronic prescribing.


DEA IFR for Controlled eRx

• Only a DEA registrant may sign the prescription.
• To sign, the registrant must complete a two-factor authentication protocol that meets the requirements of NIST Assurance Level 3 and uses two of the following three factors:
  1) Something only the practitioner knows, such as a password or response to a challenge question.
  2) Something the practitioner is, biometric data such as a fingerprint or iris scan.
  3) Something the practitioner has, a device separate from the computer to which the practitioner is gaining access.
• To obtain an authentication credential the registrant must pass identity proofing that meets the requirements of NIST Assurance Level 3.


Identity Issues

• Health information is now a target for identity theft.
  o HIPAA requires security to be a dynamic program responding constantly to new risks.
  o Risk of breach increases as the amount of information increases.
    - HIE aggregates data and risk from many sources.
• Single factor authentication is inadequate for remote access to information under federal regulations:
  o Two factor authentication (TFA) is now a requirement under CMS guidance and OMB Memoranda.
    - FISMA requirement for all federal information systems.
  o TFA required for electronic prescribing of controlled substances.
    - DEA regulation effective June 1, 2010.
  o CMS requiring TFA for submission of quality data.
  o Some HIEs are also adopting strong authentication.
    - California and New York policy documents include a TFA requirement for remote access.


HITECH Addresses Trust

• Secretary shall annually issue guidance on the most effective and appropriate technical safeguards for use in carrying out the HIPAA security standards.
• New federal security breach notification requirements for covered entities, business associates and personal health record providers.
• New privacy and security requirements for business associates.
• New restrictions on sale of electronic health information and use of health information for marketing and fundraising.
• New individual rights to restrict disclosure of health information to health plans and to obtain an accounting of disclosures of health information in electronic health records.
• Increased penalties for privacy and security violations.


Improved Enforcement

• HIPAA Civil and Criminal Penalties shall apply to a business associate in the same manner as they apply to a covered entity.
• Secretary shall formally investigate if a preliminary investigation indicates a violation is due to willful neglect.
• Tiered penalties increase up to $50,000 (maximum $1,500,000).
• An individual who is harmed by an offense may receive a percentage of any civil monetary penalty or monetary settlement.
• The Secretary shall provide for periodic audits to ensure that covered entities and business associates comply with requirements.
• A State attorney general may bring a civil action in a district court to enjoin further violation or to obtain damages.
  o Connecticut Attorney General filed a lawsuit 1/13/2010 charging a health plan with violations of the HIPAA privacy and security rules.


Extending Trust under HITECH

• New entities are Business Associates:
  o Health Information Exchange.
  o Regional Health Information Organization.
  o ePrescribing Gateway.
  o Vendor of a personal health record that contracts with a covered entity to allow that covered entity to offer a PHR to patients as part of its EHR.
• Implementing NPRM to be published 7/14/2010:
  o “Modifications to the HIPAA Privacy, Security, and Enforcement Rules under the Health Information Technology for Economic and Clinical Health Act”


It’s Only Logical …

1. Health Reform Expectations Depend on Meaningful Use of HIT
2. Meaningful Use Depends on Functional HIE
3. Functional HIE Depends on Trust in the System
4. Trust Depends on Believable, Consistent and Well Implemented Security Practices
5. Believable Security Depends on High Assurance of Electronic Identities for Patients and Providers

Everything in the Chain of Dependencies Must Work!


Strong Identity Management with Anakam Identity Suite®

[Figure: Identity Management Lifecycle: Registration, ID Proofing, Credentialing, Authentication, Authorization, Change Management. Shown applied to Public Records, Enterprise Records, Electronic Health Records Management, Online Financial Transactions, eCommerce, and eGovernment.]


Anakam.TFA® Two-Factor Authentication Platform

The most comprehensive range of security vectors in the marketplace.

Out-of-Band Challenges
• One-time Passcode Text (SMS) to Existing Mobile Phone: existing device in wide use (no Tokens, Fobs or Smartcards).
• Synthesized Voice (IVR) Passcode Delivered to Cell Phone or Landline: ubiquitous hardware used for an out-of-band challenge to increase security.
• Voice Biometric Retrieval of One-time Passcode: true Two-Factor Authentication confirms the user’s identity.
• Passcode sent to End-User’s Primary Email Account: verification link designed to combat Man-in-the-Middle attack scenarios.
• IP Geolocation pinpoints the location where the end-user is logging in: login attempts from high-risk locations can be set up to trigger automatic challenges.
• PhishAvert™ Secret Phrase and Security Questions: the user verifies the site to combat Phishing while random questions verify user identity.
• Device ID placed on the personal computer helps to confirm user identity:
  o Enabling Device Authentication combined with a unique User ID for flexible access enforcement.
  o Enable authentication enforcement based on predefined time or frequency of log in.
  o Provide different authentication parameters for multiple users sharing the same computer system.
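The slide above describes out-of-band one-time passcodes, device IDs and geolocation-triggered challenges, and the DEA IFR slide lists the "something the practitioner has" factor that such a passcode to a separate device satisfies. The following is an added illustration, not Anakam's code: a step-up decision (unknown device, high-risk location, or stale challenge) plus a passcode store that keeps only a keyed hash, enforces expiry, single use and an attempt limit. Policy values, the `HIGH_RISK_COUNTRIES` set and the `LoginContext` fields are assumptions.

```python
import hashlib, hmac, secrets
from dataclasses import dataclass

OTP_TTL = 300                        # passcode lifetime in seconds (assumed policy)
MAX_ATTEMPTS = 3                     # wrong entries before the passcode is voided
RECHALLENGE_AFTER = 30 * 24 * 3600   # re-challenge a known device after 30 days
HIGH_RISK_COUNTRIES = {"ZZ"}         # constructed placeholder for the risk list

@dataclass
class LoginContext:
    device_id_known: bool   # device ID previously placed on this computer
    ip_country: str         # result of IP geolocation
    last_challenge: float   # epoch seconds of last passed out-of-band challenge
    now: float

def needs_challenge(ctx: LoginContext) -> bool:
    """Step up to an out-of-band challenge for an unknown device, a high-risk
    location, or a known device whose last challenge is older than the policy."""
    if not ctx.device_id_known or ctx.ip_country in HIGH_RISK_COUNTRIES:
        return True
    return ctx.now - ctx.last_challenge > RECHALLENGE_AFTER

class PasscodeStore:
    """Issues single-use passcodes; stores only an HMAC of each, never the code."""
    def __init__(self, server_key: bytes):
        self._key = server_key
        self._pending = {}   # user -> (digest, expires_at, attempts_left)
    def _digest(self, user: str, code: str) -> bytes:
        return hmac.new(self._key, f"{user}:{code}".encode(), hashlib.sha256).digest()
    def issue(self, user: str, now: float) -> str:
        code = f"{secrets.randbelow(10**6):06d}"   # 6-digit passcode from a CSPRNG
        self._pending[user] = (self._digest(user, code), now + OTP_TTL, MAX_ATTEMPTS)
        return code   # delivered over SMS, IVR or email; not logged server-side
    def verify(self, user: str, code: str, now: float) -> bool:
        entry = self._pending.get(user)
        if entry is None:
            return False
        digest, expires_at, attempts = entry
        if now > expires_at:                      # expired: discard
            del self._pending[user]
            return False
        if hmac.compare_digest(digest, self._digest(user, code)):
            del self._pending[user]               # single use
            return True
        attempts -= 1                             # wrong code: burn an attempt
        if attempts <= 0:
            del self._pending[user]               # void after too many guesses
        else:
            self._pending[user] = (digest, expires_at, attempts)
        return False
```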


Questions?

William R. “Bill” Braithwaite, MD, PhD, FACMI Chief Medical Officer

Anakam Inc.

[email protected]
