For many healthcare consumers, visiting patient portals to check medical records, schedule appointments, renew prescriptions and pay bills is a no-brainer. Accessible from multiple devices at any time of day, patient portals allow patients to manage their health from the comfort and convenience of their own home. COVID-19 has been a catalyst for even more patients to consider remote and virtual healthcare services. But with large healthcare data breaches increasing by nearly 200% between 2018 and 2019, one concern continues to lurk in the background: how do providers keep patient data safe?
Knowing the industry is prone to dated cybersecurity measures, hackers zero in on the lucrative medical identities market, with their top targets including:
- patient medical records
- billing information
- log-in credentials
- authentication credentials, and
- clinical trial information.
As COVID-19 encourages more patients online, the digital doors are open for even more identity thieves to try to steal – and profit from – sensitive data.
Healthcare organizations need to be confident that the person logging on is who they say they are, both to reduce the risk of a data breach and minimize HIPAA penalties. One way to balance consumer convenience with data security is to automate the patient portal enrollment process with robust patient identification protocols, making it harder for hackers to access patient information but without burdening patients.
2 ways to automate patient portal enrollment
1. Ditch activation codes that are easily misplaced
Many healthcare organizations give new patients an activation code to use the first time they log in to their patient portal. Unfortunately, these tiny bits of paper or codes hidden at the bottom of lengthy enrollment documents are easily lost or forgotten. The patient has to call the office, taking up valuable staff time and resources to figure out how to log on – the opposite of streamlined and scalable.
Instead, providers should consider an automated portal sign-up process. Using a combination of out-of-wallet questions, device recognition, risk models and cross-checks with linked patient data, portal access can be secured through a single platform. It’s easier and more reassuring for patients, and with far fewer calls to IT support.
2. Find quicker ways to integrate patient identity tools with existing systems
The more people who need to see patient data, the more opportunities there are for cyber thieves to sneak in and access that sensitive information. Being able to share data securely between multiple providers and across different platforms is essential.
During the current COVID-19 crisis, integrating authentication tools with other healthcare information systems (HIS) quickly is a huge advantage. One example is Precise ID, which can now integrate directly with Epic’s MyChart portal, Allscripts’ FollowMyHealth platform and many other HIS systems within two weeks.
Jason Considine, senior vice president and general manager of Experian Health’s Patient Experience Solutions says:
“Patients want to feel reassured that their data won’t wind up in the wrong hands. That’s even more important right now, as COVID-19 means more patients are choosing online services instead of face-to-face contact. With staff and cashflow under pressure, it’s even more important to get systems up and running as fast as possible. That’s why we’ve integrated with leading HIS systems to help them achieve interoperability within just two weeks.”
Patient portals have the power to transform the healthcare experience for patients, but only if they can trust that their data will be kept safe. Providers can protect their patients from identity theft by adopting a multi-layered solution that incorporates best practice and cutting-edge data security technologies.
Find out more about how Experian Health can help you automate patient portal security to avoid medical identity theft, so you can save money, avoid reputational damage and create a positive patient experience.