new-healthcare_marquee

BlockID for Healthcare: Contact-free identification and authentication for HIPAA compliance

The 1Kosmos BlockID mobile app not only ensures that healthcare workers remain fully HIPAA compliant in their interactions with their patients but it also ensures that patients remain in full control of their personal and health data, creating a trusting environment among all stakeholders. 

 


Patient data: Who's truly in control?

 

Health data ownership.

Today, 85% of office-based physicians and 90% of hospitals in the United States are using an EHRs, or Electronic Health Records. 

How does a healthcare provider access a patient's record? Ordinarily, it's by typing the patient's medical record into the EHR. From there, they can view and download from a dedicated web portal.

As a patient, have you ever asked yourself whether your medical information is yours or your healthcare provider's? 

Brace yourself: Legally, medical records represent professional medical opinions of a physician or a medical institution, and therefore may not necessarily be the patient's property... 

Actually New Hampshire is the only state that explicitly gives patients ownership of their health data.

Under federal and state law, patients have legal privacy, security and accuracy rights related to their health information.

However, once that information is captured and documented in written or electronic form (e.g., paper chart or electronic data file), and since the health care provider owns the media in which the information is recorded and stored, the health care provider gains the property right of possession of the patient's data.

In essence, the health care provider becomes the legal custodian of the patient's health care record and is given specific legal rights and duties relating to possession and protection of that health record.

Healthcare data breach.

Then add EHRs' high vulnerability to hacking.

There have been 28 data breach incidents reported between January and May 2020 so far, including email hacking incidents, malware attacks and unauthorized access to EHRs (source: U.S. Department of Health and Human Services). The consequences: Patient's medical records are exposed.

There are two major issues that facilitate the hacking of an EHR system.

The first one pertains to poor human practices in health care settings that tend to make matters worse. Avi Rubin, PhD, professor of computer science at Johns Hopkins University and technical director of its Information Security Institute, toured hospitals to study their practices and noted a general disregard for computer security, such as passwords commonly posted on computers using sticky notes. In one hospital, a nurse went from computer to computer typing in a particular physician’s password so the physician would not time out. That practice left the machines unattended and unprotected most of the time.

The second issue is a technological one. All databases that store patients' data are centralized systems. And with a centralized system, data is typically stored, updated, and managed through one location rather than spread out across many. When this core system is hacked, it translates to losses for all nodes and stakeholders that rely on it.

Moreover, a centralized system can accommodate the following commands: Create, Read, Update and Delete. Anyone with access to the database can indeed alter and compromise a patient's data.


1Kosmos BlockID: Create trust, strengthen confidentiality, and store data securely.

  • The utilization of advanced Biometrics to secure the identity of the patient. A hacker cannot reproduce and therefore compromise the analysis and result of a liveness test, for example.
  • A distributed ledger that is virtually uncompromisable and that initiates peer-to-peer transactions while ensuring the immutability of the data stored is the answer to risks associated with systems hacking.
  • The combination of advanced Biometrics to enroll and authenticate a patient and distributed ledger technology guarantees data is securely stored while facilitating exchange between the patient (data owner) and a healthcare provider. 

Data storage in the BlockID Private Blockchain Ecosystem.

To create trust in the relationship between a patient and his or her healthcare provider concerning the access and update of the patient’s medical history is essential.

Leveraging the BlockID Private Blockchain Ecosystem entails storing a patient’s medical history in a distributed ledger and the same patient being able to grant permission to a doctor to request the data, prior to consultation via the execution of a smart contract.

The immutability of a distributed ledger is leveraged to record all patient–provider interactions. Once a healthcare provider creates a record, the source is verified and its viewing permissions are authorized by the patient and stored in the network. The document can never be modified, creating trust between all parties involved.

blockid-blockchain-covid-19

Contact us to learn more about BlockID for Healthcare Providers


verizon-logo

chose 1Kosmos BlockID

“Cybercrime is a daily threat to every organization and government across the globe...These Verizon solutions (powered by 1Kosmos BlockID) offer a significant step forward in cybersecurity protection.”
Alex Schlager, Executive Director and Chief Product Officer of security services at Verizon Business