Take Action: Hospital Future Act (KHZG) & Multi-Factor Authentication Can Help Boost Your IT Security
You haven’t missed out on the German government’s initiative offering healthcare facilities up to €4.3 billion in funding for digitalization projects, but the deadline to take advantage is soon approaching. Backed by the Hospital Future Fund (KHZF) and driven by the Hospital Future Act (KHZG), the initiative aims to boost IT security and strengthen regional healthcare structures.
Though funding can be used for a variety of projects, healthcare organizations are required to use at least 15% of it on enhancing IT security — undoubtedly a critical aspect of any healthcare organization. It’s encouraging to see governments drawing attention and giving incentive to an industry where patient and substance security is a top priority as it becomes an increasingly strong target for cyber-attacks.
IT Security Is Front of Mind for Healthcare Facilities to Prevent the Risk of Tragic Consequences
Compared to 2019, the number of successful cyber-attacks on German health service providers is said to have doubled during 2020 — sometimes having devastating repercussions and costing human life. With lives at stake, it becomes complex not only to implement bulletproof IT security throughout countless intricate systems and healthcare applications, but also to ensure that best practices are being met by healthcare workers.
The security shortcuts that are symptomatic of this struggle, such as employees sharing the same desktop password or keeping complex passwords public by writing them on post-it notes, create an ideal opportunity for inside attackers. Fortifying healthcare organizations from the inside out starts with implementation of a Zero Trust architecture in conjunction with a supporting culture and can be underpinned with innovative IT security solutions funded by the Hospital Future Act.
An Environment Where Every Second Counts
In healthcare, time cannot be wasted on cumbersome IT processes. Healthcare workers require instant access to workstations, clinical systems and patient data at any time, so they can best serve their patients. Traditionally, IT decision-makers often struggle to balance security with speed of access due to cumbersome processes and outdated systems in need of heavy administration, with compliance implications and extensive help desk calls.
Invest in MFA Solutions That Can Be Used Together With Your Existing Infrastructure
MFA provides 360° protection of clinical networks, electronic health records, patient data plus systems and apps across the healthcare facility. By adding an extra layer of protection to critical resources without compromising user convenience, organizations can close vulnerability gaps without slowing down clinical workflows. In deploying advanced MFA, healthcare organizations can:
- Increase workflow efficiency, security and convenience of access at the same time
- Spend more time with patients by reducing time spent repetitively logging in to workstations, clinical systems and healthcare applications
- Enable secure, fast and frictionless access to shared workstations
- Eliminate insecure, shared or cumbersome passwords
- Effortlessly meet compliance, security and privacy standards such as GDPR, HIPAA, EPCS, ISO27001, FIPS 140-2 and Common Criteria
In healthcare, it pays to choose MFA solutions that integrate seamlessly with your existing IT environment and work together to form a stronger ecosystem — from back-end software, to authentication devices and credentials, to credential management platforms. HID leads the way in MFA solutions that deliver end-to-end protection of critical IT systems, applications and data, and the users who can access them.
Secure Digital Environments With Cost-Effective MFA Software
Award-winning HID DigitalPersona® integrates with existing infrastructure, such as Allscripts, eClinicalWorks, Imprivata, Office 365, Cisco and more to enable strong authentication for healthcare employees to prove their identity and securely access the resources they need — whether it is Windows logon, web, cloud, mobile VDI or VPN applications. Administrators can flexibly and easily apply security policies based on risk, and can leverage various authentication methods and form factors to match security or clinical workflow demands, including:
- Biometrics so that healthcare workers can authenticate to patient resources using facial recognition that works with N95 surgical masks, or fingerprint identification that works while wearing surgical gloves
- Smart cards and contactless cards such as FIDO-enabled HID Crescendo® C2300
- USB security keys, such as HID Crescendo USB-A and USB-C keys
- Mobile and Bluetooth®
- OTP and push notification
- And more
With DigitalPersona’s support for easy access to shared workstations, healthcare workers can move throughout their days without needing to re-enter passwords each time they need to log-in or access patient information. The solution also simplifies application access with single sign-on (SSO), as well as extending security so that even remote users can always access what they need.
Secure Physical and Digital Environments via a Single Access Credential
Using ‘what you have,’ such as a physical authenticator, is often seen to be one of the most secure methods of authentication. DigitalPersona works effortlessly with a wide variety of device authenticators, such as existing hospital-issued photo ID access badges or FIDO-enabled smart cards and security keys that can be used to access all resources protected by the MFA software. These authenticators can also be used in various other use case scenarios, from logging-in, to signing documents, secure printing, encrypting emails and more.
HID Global’s high assurance Crescendo smart cards can even act as a single access credential, providing converged access to both IT resources and physical spaces, such as specific floors, areas and wards or departments. With multi-protocol support, including FIDO, PKI, OATH, SEOS® and iCLASS®, HID Crescendo can suit your healthcare facility’s unique security requirements, and even secure access to your existing systems, such as Imprivata.
The Deadline Is Approaching!
The final date to apply for government funding is December 31, 2021. Don’t miss out on the opportunity for MFA to digitalize and simplify your IT security — by saying goodbye to slow access, vulnerable passwords, risky post-it notes and endless help desk calls. Take advantage of the €4.3 billion available and transform the way your healthcare employees access their work and ultimately care for their patients.