The healthcare industry experienced sweeping changes in 2020 as medical providers worked on overdrive to fulfill the needs of both patients visiting physical hospitals or clinics and those tapping telehealth services in unprecedented numbers.
One of the challenges with serving patients effectively online is that many healthcare providers store sensitive personal and medical information in electronic medical record (EMR) systems that are often inoperable with each other. This creates friction when attempting to provide care for patients swiftly and conveniently and when keeping that information secure, said Adam Silverman, M.D., chief medical officer for healthcare artificial intelligence (AI) service Syllable.
“What we saw on our end were huge numbers of patients who struggled with [using authentication portals to access telehealth], so, [although the portals were] put in place to ensure privacy, [consumers were] running headlong into this issue, [which was] creating an obstacle to care,” Silverman explained. “Health systems now were not only being inundated with people calling to schedule a video consultation, but … they were being flooded on their IT help desks by the same patients who could not log in to the portal in order to obtain care, and so it sort of reinforced this constant struggle between privacy on one hand and access or interoperability on the other.”
PYMNTS spoke with both Silverman and Vig Chandramouli, principal of healthcare at FinTech and healthcare venture capital firm Oak HC/FT, to determine how the events of 2020 have impacted providers’ patient care and digital identity verification needs. Serving patients effectively across multiple channels as more expect to connect in a variety of in-person and digital ways with their healthcare services is essential for the industry, and providers must also ensure they are adjusting their cybersecurity strategies accordingly.
Innovating And Unifying Identity In A Digital-First Healthcare World
Healthcare providers are already aware of the need to innovate to match patients’ strengthening preferences for digital healthcare and the need for enhanced security in this channel. EMR systems can be decades old and were designed to protect patients’ privacy when they were initially rolled out in the mid-2000s, Silverman said.
The issue now is that healthcare systems have yet to evolve beyond those legacy expectations, relying on “castle and moat” strategies for protecting patients’ data — so long as no medical information leaks out of the system, it is viewed as secure, he said. This approach is no longer viable in a world in which fraudsters are targeting digital systems, however — and one in which patients are increasingly aware of that fact, according to Chandramouli.
“Every day in the news, you now read about some ransomware attack or cybercrime or see how some pipeline is shut down or some hospital was held hostage, and these are all very possible and increasingly more likely things going forward,” said Chandramouli. “But I think that what that distills down into for the average consumer is just being worried generally about, ‘What data am I submitting and to where and to whom? I have no idea where this data goes next.’”
Ensuring sensitive personal information cannot be moved outside of healthcare systems by disgruntled or malicious employees is just as critical to security as ensuring medical data is safe during patient intake, Chandramouli continued. This means chief security officers, who typically think of cybersecurity in terms of the system and not in terms of the patients, according to Silverman, must adjust their strategies to protect patient data first in a way that can help foster trust. This means shifting away from digital identification measures such as usernames and passwords that have become more frustrating and less secure in favor of solutions that use more advanced technologies.
“I think if we found a passwordless option for patients, … that would certainly improve their experience,” Silverman said. “It probably would be less expensive because people would stop calling the IT help desk, and those calls take 20 to 30 minutes to try to complete and help somebody change the password. I think [login innovation] is a win-win for everybody.”
Using tools such as biometrics that rely on harder-to-fake patient identifiers, including behavioral indicators that they are in the same place as the device they are using to speak with providers, is one way healthcare services can boost their identification measures. Technologies such as AI are also set to play a larger role within the healthcare space for the future of digital identity verification as the demand for more robust solutions intensifies.
Taking A Page From The Retail And Payments AI Playbooks
Incorporating AI could have massive benefits for providers both in terms of securing patients’ data and allowing them to create the seamless user experiences patients demand, Silverman explained. Healthcare providers should therefore examine the way other industries, notably the retail or digital payments spaces, have used AI or other automated tools for such purposes.
“I think, on the back end … is where I think a lot of the really exciting stuff can get done because that is where AI really can be very beneficial in terms of monitoring the networks and identifying signals or patterns that are abnormal for a given persona,” Silverman said. “If you think about it, 10, 15 years ago, if you traveled outside of your home ZIP code, [if] you went on vacation, Visa would call you and say, ‘We just saw you filled up your gas tank in the neighboring state,’ and they would say, ‘Are you traveling because we just got a charge.’ So, they have even gotten more sophisticated in terms of their signal processing and [their] use of artificial intelligence to identify fraud. Healthcare [companies] should be able to do the same thing.”
Using the payments space as a blueprint could be key for healthcare providers to stay competitive as digital healthcare becomes more popular and as digital fraud becomes more prevalent. Bridging the divide between privacy and convenience, physical and digital, access and security or even between one database and another is the future of identity in healthcare and where automation, machine learning and collaboration can make a real impact.