Holy Spirit Hospital in Camp Hill, Pa., has greatly streamlined the process of logging on to its Eclipsys EMR by implementing biometric technology for single-sign-on access.

"SSO definitely saves time logging in to the network, and subsequently into individual applications," Chief Medical Information Officer Dr. Richard Schreiber tells CMIO magazine. "There is no doubt that going up to an SSO machine, putting my finger down and getting into the network to quickly jump into an application within a few seconds is clearly an advantage."

But the technology still has some flaws. This particular system, from Lexington, Mass.-based IT security company Imprivata, struggles with e-prescribing and electronic fax applications. "At the moment we don't have the correct configuration to allow for that feature using SSO," Schreiber says. It's not a huge problem right now, but it could grow if the Drug Enforcement Agency approves a proposal to allow e-prescribing of controlled substances, according to Schreiber.

The University of California San Francisco Children's Hospital has been testing another form of SSO authentication: RFID badges and Microsoft/Sentillion Way2Care software for "tap-and-go" access to the Epic Systems EMR. The system has generally worked, with one glaring exception: users still must update passwords for individual applications. The hospital has taken steps to mitigate the burden, Dr. Seth Bokser, medical director for IT, says, "But it still seems like extra work for users to update passwords for individual applications when they are accessing them through SSO."

Bokser does see progress, though. "The goals of security and user efficiency were at one time perceived as being opposed," he's quoted as saying in CMIO. "What we've seen is a rapid and exciting evolution of our thinking and our technology, including SSO, that empowers us to bring these two goals much closer together."

Others are going in a different direction while still trying to streamline the login process. On Friday, HIE software vendor Axolotl announced it was joining with identity-management firm Anakam to install a multi-factor authentication system for the Santa Cruz (Calif.) Health Information Exchange. The companies say that the system will deliver one-time-use passcodes via email, text or voice message or voice biometrics, eliminating the need for users to carry passcards, tokens or other devices.

For more information:
- read this CMIO feature
- see this joint press release from Anakam and Axolotl

Related Articles:
It's time to revisit biometrics for patient ID, security
SPOTLIGHT: Two-factor authentication
Single sign-on deemed critical by IT execs