Consumers are becoming more concerned that the sharing of their personal and medical data by providers and other healthcare stakeholders will lead to security and privacy breaches, according to a recent study by Black Book Research.

Indeed, as electronic healthcare systems become more interoperable and as more digital patient information is collected and stored, the number of people and organizations trying to access this data – provider employees, colleagues, business partners, payers, pharmaceutical companies, and other healthcare stakeholders – has dramatically increased.

That reality has created an urgent need among healthcare providers for strong identity management.

“When we have users on our system, do we know if they’re the good guys or the bad guys?” asks Brian Decker, senior manager at Mayo Clinic and program manager for the clinic’s Identity Management Platform. “Who actually are users? Are they appropriate users? Who has access to what and why? Who’s accountable for our users’ access?”

The bottom line, Decker says, is “you’ve got to be sure the right people have the right access to the right things at the right time, and nothing else.”

What’s more, the emergence of digital technologies in healthcare, including electronic health records, revenue cycle management systems, connected health, cloud computing, and mobile devices and applications, necessitates a renewed focus on security, scalability, and improved experiences.

“Healthcare has gotten very complex, with lots of regulations and lots of changes,” said Munawwar Khan, senior principal healthcare consultant at Mayo Clinic. “As a result, not all vendor systems do everything, so health organizations have to purchase different apps or create their own.”

When that happens, Khan added, it can create a “black hole” within the organization that could lead to security vulnerabilities.

To avoid that black hole, Decker and Khan recommend identifying and implementing practical solutions for establishing an identity management program, instituting appropriate governance and creating organizational change management and communications challenges within the identity management operational infrastructure. 

HIMSS17 runs from Feb. 19-23, 2017 at the Orange County Convention Center.

This article is part of our ongoing coverage of HIMSS17. Visit Destination HIMSS17 for previews, reporting live from the show floor and after the conference.

Like Healthcare IT News on Facebook and LinkedIn