Health Care Institutions Unify Safe Access to Information and Places

Health Care Institutions Unify Safe Access to Information and Places

Unseen dangers such as identity theft and infant abduction are often shadowed by the busy and buzzing atmosphere found in health care facilities. As security concerns in health care facilities increase, more and more institutions are combining their physical access control and logical access control systems for better management of their patients, staff, visitors and assets. In converging different access control systems, smart cards and biometric credentials are becoming the necessary tools to clearly track foot traffic and enforce authorized access to information and places, as they offer high-level data security and identification accuracy. Health care complexes often span across several buildings and campuses, adding onto the security management complication which can now be facilitated by effective physical access control and logical access control systems.

Securing public spaces is a tricky business. Health care facilities are no exception, where patients, visitors and staff openly interact on a daily basis. Three areas need to be reviewed to provide a solid safety assessment, said Kenneth Mara, President of World Wide Security. "First, the safety of patients and staff should be considered by limiting the amount of people who can or should have access to certain areas. Second, access to medical records and medicines need to be controlled. Third, health care facilities should be designed in a way to keep

Kenneth Mara, President of World Wide Security
patients from wandering the premises," he said. "The last consideration is especially important for psychiatric centers and patients with Alzheimer's or other dementia illnesses."

In health care settings, a card system combining physical and logical security has become the main access control method, for everyday administration and operation. "In health care, there are staff members that may shift roles depending on the time of day, or the location access is requested," said Derek Botti, IT Architect for Tivoli Industry Solutions — Health Care, Electronics, Manufacturing and Smart City Industry Lead, IBM. "Many do not have different physical access controls for the different roles, but do have different logical access controls for the different roles."

"The challenge often arises when the staff member in this capacity chooses the access control for one role when actually performing a secondary or tertiary role,” Botti added. “Add in a constant state of flux as it relates to volunteer staff, temporary staff and educational staff; and the security and IT departments typically face issues that are not seen in other industries or facilities."

Physical-Logical Integration
Building a reliable and fluid physical-logical access control system that contributes to operational, financial and clinical effectiveness is a necessity for many health care facilities. "As health care institutions expand their technology infrastructure and deploy multiple systems, they inherently produce an environment with separate access control systems, with multiple credentials issued and managed through duplicate processes with limited interoperability," explained Dave Cullen, Director of Business Development for Health Care, Lumidigm. "The result is an expensive process of credential management and an institution that is exposed and at risk for security breaches, resulting in expensive penalties and fines. More importantly, frustrations with system access will ultimately have a negative impact on the user and, in turn, on the quality of patient care."

The process of accessing areas and information is expected to become simplified by integrating the physical and logical access control systems into one. “IT and security departments are hoping to leverage n-factor authentication solutions to clinical systems and workstations that are able to use the same badges used for physical access to the buildings and nursing units themselves," Botti said. "In that regard, the IT and security departments are facing a desired integration of birthright provisioning, such that access to physical spaces and logical systems are granted through the same process."

Share to:
Comments ( 0 )