A passwordless future for clinicians? Industry paper points to a new paradigm
Photo: Solskin/Thomas Tolstrup/Getty Images
An industry paper calls for reimagined user authentication among clinicians through passwordless systems.
WHAT IT'S ABOUT
The white paper, "The Journey to Passwordless for Healthcare," is a project delivered by digital identity security company, Imprivata.
The recently published paper is based on a review of qualitative customer research and market data analysis on the implications of user authentication technology for clinicians.
Multifactor authentication utilises different types of authenticators categorised as "something you have, something you are, and something you know," the paper stated. These respectively pertained to devices, biometrics, and memorised PINs.
WHY IT MATTERS
The white paper makes a case for passwordless healthcare, citing the operational burdens of traditional multifactor authentication methods. It found that clinicians need to authenticate up to 80 times a day when employing push notifications and QR codes for user authentication.
According to the paper, purely relying on facial biometrics to access healthcare devices and systems is an example of going passwordless.
"Knowing where to start is key," the paper stated as it stressed a phased approach to passwordless transitions. To that end, the paper illustrated a password maturity framework, comprised of four levels, as guide for organisations in their passwordless journeys.
Level 0: All access is password- based.
Level 1: Reduced password usage with tap-and-go features installed in single sign-on (SSO) platforms.
Level 2: Masked passwords from the highest-impact workflows by moving to phishing-resistant authentication.
Level 3: Masked passwords for all end-user workflows. Phishing-resistant authentication is applied to all systems.
Level 4: End-to-end passwordless, where no passwords exist in workflow systems.
The paper's authors underscored the value of simplicity over complexity and advocated for the widespread adoption of centralised biometric solutions across all clinical workflows to facilitate frictionless clinician authentication.
Furthermore, they emphasised the critical role of clinical leadership and effective change management in ensuring the successful implementation of passwordless procedures.
"When providing critical patient care, clinicians can't get slowed down trying to remember a password. By adopting passwordless authentication systems, healthcare organizations can improve patient outcomes while enhancing security and efficiency. By reducing the reliance on passwords, clinicians can focus more on patient care and less on administrative burdens, improving productivity, care delivery, and alleviating burnout," said Dr Sean Kelly, MD, Chief Medical Officer and SVP of Customer Strategy, Healthcare, Imprivata.
_
Read more insights here.