Gaining Admittance to the Hospitals Market

Within the course of any given day, a hospital or health-care CSO faces the task of not only protecting multiple points of access, but doing so in a way that enables movement and activity, is convenient for staff and patients, and does not impede the facility’s primary function: saving lives. Health-care facilities exist in a wide variety of medical focus, administrative complexity and size, yet all demand appropriate access control coverage.

This article strives to provide some introductory concepts that should guide your analysis of your health-care client’s security needs. As an integrator, an excellent starting point is reviewing your client’s security audit, then properly researching governing regulations, specific concerns and actual conditions of the facility.

Design and Regulatory Issues

From the moment you enter the property of a major hospital or health-care facility, it is likely that you are being monitored before you have even gotten out of your car. Regardless of if you pulled the ticket to access the parking garage, presented your employee ID to the parking entry reader or walked through the triage area of the ER, some form of access control and security has already come into play, getting more robust the further you get into the facility.

Called “security in-depth,” there are many different layers of security that go into health-care facilities, with security monitoring becoming stricter the deeper you go. Often, this involves multiple points of entry and numerous levels of security for different strata of employees, typically beginning with an employee ID or access credential.

While much of what we read about preventing unauthorized access to certain areas within hospital campuses or health-care facilities is positive, many institutions have begun implementing stronger physical security in the form of secure contactless smart cards.

State and federal laws are regulating higher levels of security, as well as requiring immediate reporting of “misdirected events” at health care-related facilities. These incidents, such as breaches of physical security and unauthorized access to confidential patient files, are addressed by putting deliberate procedures in place to audit, track and report their occurrence.

Misdirected events are business drivers that keep health-care CSOs awake at night. By implementing the appropriate security measures, procedures and precautions, CSOs aim to keep these events to a minimum, thereby reducing exposure to state and national regulatory fines. These fines cost health-care organizations $100 per failure to comply for civil incidents up to $25,000/year for multiple violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) under the Privacy Rule provision.

As an integrator, you can add value by being aware of this “pain point” for your customer, and designing your solution to minimize misdirected events.

Unique Access Control Needs

Health-care facilities and hospitals present unique challenges when it comes to security. The sheer volume of traffic and staffing at a major health-care facility rivals any campus environment. Whether the need is to restrict access to authorized personnel-only areas or protect personal and private patient information in either electronic or paper formats, security within the confines of a health care-related setting is multifaceted.

This requires knowledge of current and future physical and logical access needs, coupled with an understanding of the standards and regulations facing today’s health-care practitioners.

For years, health-care facilities have used a variety of methods to provide individuals with convenient yet secure access to facilities, the PC and the network. Because building access and IT systems have traditionally been separate purchasing decisions for many organizations, health-care employees are familiar with being forced to carry multiple cards or tokens, using multiple PINs or passwords to access various systems.

These practices have resulted in systems that are cumbersome for the employee to use and difficult and costly for the organization to manage and maintain, not to mention deadly within an emergency setting. Utilizing both contact and countless smart chip technologies, the use of a single card for identification, secure access and payments, can provide a unique solution for health-care settings.

Hospitals and health-care facilities, for example, would be able to offer doctors, nurses and support staff secure access to the emergency room and pharmacy, while also using the same card for visual ID verification and for making purchases in the hospital cafeteria. Using a single card also provides an opportunity for the medical center to combine workplace IDs and security access cards with payment cards, enabling employees to carry fewer cards.

One excellent example of how a contactless smart card-based application can benefit a health-care organization can be seen in the use of biometrics within a pharmacy setting.

Contactless smart cards minimize overhead when dealing with biometric template management and distribution. Rather than storing biometrics on a server and distributing them over a wired network, a contactless smart card-based system allows biometric templates to be carried by the card holder, offering a stronger level of authentication and security commonly referred to as “Match on Card.”

Contactless smart cards can enhance security and address privacy concerns, as the biometric template is stored on the secure card, rather than passed over a hackable network. Also, using a smart card for logical access applications can advance security, improve convenience for the end user and minimize help-desk calls for forgotten passwords for single sign-on cases.

The availability of cost-effective, multitechnology authentication devices is making it possible for hospital campuses and facilities to leverage their existing infrastructure, while adding new functionality at a reasonable cost. The convenience afforded by using a single smart card has many organizations re-examining the value of converging currently independent systems to achieve solutions that are robust, easily managed and cost effective.

Smart card-based IP access solutions can make it easier to meet the unique and demanding needs of health-care applications, such as medication dispensing within a hospital setting.

If you enjoyed this article and want to receive more valuable industry content like this, click here to sign up for our FREE digital newsletters!

Security Is Our Business, Too

For professionals who recommend, buy and install all types of electronic security equipment, a free subscription to Commercial Integrator + Security Sales & Integration is like having a consultant on call. You’ll find an ideal balance of technology and business coverage, with installation tips and techniques for products and updates on how to add to your bottom line.

A FREE subscription to the top resource for security and integration industry will prove to be invaluable.

Subscribe Today!

Get Our Newsletters