Hospitals smart cards face many security threats in an environment complicated by high traffic volumes, complex staffing requirements, and a demanding regulatory environment. In California, hospitals must report any security breach event, after which it the California Department of Public Health (CDPH) checks policies, practices and audit trails, and executes inspections and assesses fines. Often, hospital administrators should also follow federal guidelines established through the Centers for Medicare & Medicaid Services (CMS) that, at times, conflict with state rules and lead to fines. Other entities that set security guidelines include the Joint Commission accreditation and certification body, which has oversight for physical building security, water, safety, fire, along with other security processes, and also the Det Norske Veritas (DNV), an independent foundation that works well with healthcare authorities and providers to control risk and improve healthcare delivery. Legislation including the Healthcare Insurance Portability and Accountability Act (HIPAA) of 1996, which established U.S. standards for security and privacy, also impact hospital access control policies and procedures.
Meeting contactless cards modern security challenges while complying with these as well as other regulatory mandates requires best practices either way physical plus it security, using flexible and scalable access control systems that could combat today evolving security threats while supporting future improvements in security and convenience. It is also important for healthcare institutions to optimize the continued valuation on their investment by making sure that ID cards utilized for opening doors may also be used for other applications including time-and-attendance, cashless payment and logical access control to protect IT assets and enhance patient information privacy protection.
|
