LONDON -- Single sign-on (SSO) technology specialist Imprivata Inc. used the Infosecurity Europe 2010 show to debut a new range of applications designed especially to help health care workers maintain security while working efficiently.
In the fast-moving world of medicine, where a delay can literally make the difference between life and death, security professionals have long struggled to build systems that maintain patient privacy while allowing the medics to do their jobs.
Now Imprivata has combined its SSO technology with facial recognition to provide health care workers with a simple way to authenticate themselves, especially on terminals that may be shared with other users.
The One-Sign Secure Walk-Away product employs a standard webcam to record the face of the user as he or she logs on to the system using some form of authentication, such as a smart card. If the user then moves away from the terminal for any reason, the screen will go blank after a pre-set period. When the user returns to the screen, it recognises his or her face, even if wearing a surgical mask, and resumes that user's session.
If another user wants to use the terminal when the first user is absent, the new user can just as easily authenticate themselves and start a new session simultaneously. The camera then photographs his or her face to allow the new user to stay connected easily.
"With the growth of electronic records, you need to be able to secure unattended
Requires Free Membership to View
SearchSecurity.co.UK members gain immediate and unlimited access to breaking UK industry news, virus alerts, new hacker threats, highly focused security newsletters, and more -- all at no cost. Join me on SearchSecurity.co.UK today!
Michael S. Mimoso, Editorial Director
workstations and also allow [remote access] roaming so that medical staff can view records," said Christian Merhy, director of product marketing for Imprivata.
"This provides seamless roaming," Merhy said. "You just tap your card on the reader and have access to those systems you are authorised to use." If the user then moves to another terminal – for instance, a surgeon doing his or her rounds in hospital wards – the session on the previous workstation is closed down immediately.
The system can also be configured to be location-aware, so that local printers can be mapped to the session. The function can also provide an audit trail of where users made their transactions.
A third new product from the company, called PrivacyAlert, is designed to help hospital administrators monitor the use of personal information in their organisation, and to spot any suspicious activity, such as the leak of medical information about a celebrity patient.
The new system aims to help administrators enforce privacy policies. It comes pre-loaded with more than 100 scenarios of suspicious behaviour, ranging from staff snooping on their neighbours or colleagues, to stealing the identities of recently deceased patients. If the system detects any such behaviour as defined by its rule base, then it will send an alert to the appropriate administrator.
PrivacyAlert can also be used by an administrator to investigate complaints from patients and to trace who accessed which files, and when.
The three products are the first to emerge from Imprivata since it set up a specialist health care division in January. The company already serves 500 hospitals worldwide.
Fran Howarth, a senior analyst with London-based Bloor Research, said that with the use of electronic health records being promoted by almost all governments to streamline processes in health care and reduce operational costs, health care organisations will find that they must put in place processes to control the security and privacy issues associated with electronic media.
"The use of stronger forms of identification tied to granular levels of access control is essential for confidentiality and for proving the authenticity and integrity of the information contained in those records," she said. "The new products from Imprivata answer many of those needs, even allowing for the use of advanced biometric identifiers such as fingerprint and face recognition technologies to more accurately prove the identities of those accessing the records and providing patient care."