OVERVIEW: Considering the very necessity of e-health services and the risk factors arising from it, patient identification seems to be inevitable more than ever.
It is interesting and unfortunate at the same time that the healthcare industry has faced data breaches and identity thefts, more than any other industry has. Interesting because, unlike financial institutions, it does not involve any cash transactions. Therefore, the data breaches surrounding it may not make sense to some at first. Unfortunately, because it is a sensitive industry that involves factors such as life and death.
The databases included in the medical healthcare industry not only contain patient’s private information but the medical history and health insurance details as well. The latter part of the patient’s information is what attracts cybercriminals or identity thieves. With this information exposed, the cybercriminals can exploit it in availing various medical benefits or for other fraudulent activities. This is the reason why data breaches in the medical industry are found interesting first and unfortunate later.
As for the US, there have had data breaches there as well. The data breaches were mainly due to the hacking of systems and servers or unauthorized data accesses. We have also listed a table below that includes the affected insurance companies, health service providers, pharmacies, and the pharmaceutical industries.
|Affected Institutions||Affected NO. OF People||Breach Type|
|Premier Family Medical||320000||Hacking|
|Conway Regional Health System||37000||Unauthorized data access|
|Northstar Anesthesia, P.A.||19807||Unauthorized data access|
|Renown Health||27004||Portable Electronic device|
|Wisconsin Diagnostic Laboratories||114985||Hacking|
The data breaches in the medical industry not only affects the patients or the medical institution. The economy of a country and its medical services’ reputation goes on stake too. One of the huge data breaches the ‘Anthem Breach’ had affected nearly 80 million people. The affected individuals were not compromised of the patients only but the medical services employees as well. Another instance of the data breach led an insurance company to face a lawsuit of some 115 million dollars in total.
Whoever has said that necessity is the mother to all inventions, said right. The constant vulnerability of the health databases and the history of its breaches paves the way for ‘Patient Identification’. The healthcare industry professionals should be including the patient identification processes as part of their services and professional obligations as well. The patient identification, for the sake of hindering any future data breach attempts, will go a long way in benefiting the medical health industry, its professionals, and the patients.
How to Verify Patient Identity
Patient identification is performed by implementing the process ‘Know Your Patient’.
It involves requiring the user to provide some government-issued official id document. The document could either be an id card, driving license, passport, etc. The user is then required to capture a picture of the face in real-time and upload it. The system cross matches the pictures on the documents and the one uploaded in real-time. Depending on the results, the user is either given a go or the account registration or signing-in fails.
Importance of implementing Patient Identification Policies
For the financial institutions and banking industry, having the ‘Know Your Customer’ or KYC implemented is a matter of survival to some extent. It not only safeguards the interests of financial institutions and their customers, but also helps in being compliant to various global, regional, or local regulatory regimes.
As for the healthcare industry, the KYC process transforms into the KYP or Know Your Patient. Although, to implement the KYP process has not been made obligatory yet, implementing it pays off in the long-haul to the healthcare industry. The reason why KYP is not a compliance rule by some regulatory authorities is that it does not involve the risks of money laundering; as opposed to the KYC, that is carried with one of the motives of preventing money laundering.
Nonetheless, the KYP does pay-off when implemented. Since almost every other step online for the medical industry would be safeguarded, the interests of each and every stakeholder would be safeguarded.
Coronavirus Second Wave
The coronavirus second wave is feared worldwide, especially in the UK. As the world has now learned, to some extent, in dealing with the virus, the emphasis on the ‘lockdowns’ and ‘safe distances’ would be more than ever. Consequently, the online medications, better known as the e-health services in the medical industry, would definitely have a surge in its demand. With the e-health services being inevitable in a ‘corona feared’ environment, the cybercriminals would, unfortunately, try to exploit the situation in their favor.
Considering the necessity of e-health services and the risk factors arising from it, patient identification now seems to be inevitable more than ever. With the patient identification performed prior to providing the e-health services, combating the coronavirus would become a little easier for any country. As no country can afford to have the pre-corona like public gatherings for now.