Biometrics, Privacy and Identity Theft – What Are You Risking?

Some rights reserved by nitot

Is Biometric Technology Synonymous With A Violation Of Privacy?

In certain circles, it’s virtually impossible to mention the words “biometric identification” without also having a spirited discussion about how using biometric technology purportedly is a direct violation of an individual’s right to privacy.  The issue regarding biometrics and privacy is if someone enrolls in a biometric identification system (referred to as a “biometric template”), they are providing an image of their fingerprint, finger vein, palm vein, iris pattern or other physiological characteristic which is stored on a server or a computer.  As a result, the following two fears are the most common about what could happen to the stored “image”:

  1. Identity Theft – It can be stolen by a computer hacker and used to steal someone’s identity similar to if someone were to steal your social security number
  2. Government Database – Your biometric template can and will be used by the federal, state or local government to create a national registry of all citizens

The Truth About How Biometrics Really Works

The truth of the matter is that biometric identity enrollment templates stored on a server or computers are not actually images at all.  They are a mathematical representation of the data points that a biometric algorithm extracts from the scanned fingerprint, finger vein, palm vein or iris.  The identity template is simply a binary data file, a series of zeros and ones.  The algorithm then uses the template to positively identify an individual during subsequent fingerprint scans.  No image is ever stored or transmitted across a network.  In addition, the algorithm is “one way” which means that the template that is extracted is nearly impossible to be used to recreate the original biometric image.  In other words, it is nearly impossible to reverse engineer the data that is sent to positively identify an individual and successfully “steal” their biometric identity.

At M2SYS, we employ several important security features to ensure that the privacy of those using our Hybrid Biometric Platform system is fully protected:

• No images are ever stored

• Biometric data is stored in a proprietary format unique to the algorithm used in Hybrid Biometric Platform

• All biometric data is stored using the AES 128 bit encryption algorithm

Advanced Encryption Standard (AES), also known as Rijndael, is a block cipher adopted as an encryption standard by the U.S. government.  It is used worldwide and has been analyzed extensively, as was the case with its predecessor, the Data Encryption Standard (DES).  AES was adopted by the National Institute of Standards and Technology (NIST) as U.S. FIPS PUB 197 in November 2001 after a 5-year standardization process.


Can You Really “Steal”Someone’s Biometric Identity?

Notice we said “nearly” impossible.  It is certainly “possible” that a hacker can reverse engineer biometric data and recreate an image.  Anything is possible.  But the question is, why?  What would they be able to do with that image?  Fingerprint biometric technology has matured in sophistication over the years and is nearly impossible to fool with a photocopy, mold or any other variation of a person’s fingerprint. Vascular biometrics (e.g. – finger vein and palm vein) require blood to be running through the veins in order for the near infrared light to successfully capture the finger or palm vein pattern.

Furthermore, biometric enrollment in any system or for any type of identification purpose requires someone to be physically present at the time of enrollment.  It is not physically possible to enroll in a biometric system using anything other than your own physiological characteristics.

Don’t Speculate, Educate

Our role as a biometric research and development company is to not only advance the growth of the technology throughout the world but also to educate on how the technology works.  If you are unsure about how safe biometric technology is, we encourage you to educate yourself on the facts.  Do not speculate, theorize or make assumptions based on what you have “heard” from others.  Our blog makes for a great resource to read about biometric functionality and see firsthand examples of its application across many vertical markets.  Read, educate and learn.  Contact us if you have questions beyond what you find on our Web site or blog.  In addition, if your customers are skeptical of using biometrics and you want to reach out and ease their concerns, we are happy to write a guest blog post on your Web site, write an article for your company newsletter or customize a flyer for you to post/distribute proactively before you implement a biometric identification system.  M2SYS is always more than happy to provide you with anything you need to make the transition to biometric identification a smooth one!

If you feel that biometric technology is a violation of your privacy, please explain to us why you feel this way in the comments section below.  We welcome respectful comments, thoughts and opinions on our blog posts at anytime!

The Impact Of Biometric Technology On Accurate Patient Identification In Health Care

What’s Often Missing From The Health Care Debate

Flip on the TV set, turn on the radio or surf the Internet these days and it’s hard to not hear someone talking about or people debating the topic of rising health care costs in America.  Just this past spring, Congress passed a historic health care bill that promises sweeping changes in the industry to help drive down costs and make health care more accessible and affordable to people that live in this country.  For all of the talk about medical malpractice and practicing more efficient care, overhauling Medicare reimbursements, the effect of pre-existing conditions on the newly insured, the inability of insurance companies to cap lifetime benefits and many other topics, there is inadequate coverage of another very important topic that contributes to the rise of health care costs in this country – patient misidentification and health care identity fraud.

The Impact of Patient Misidentification and Health Care Identity Fraud

We have all heard the unbelievable stories about the individual who goes in for heart bypass surgery and ends up having a leg amputated.  Or the person who had their identity stolen by someone who racked up thousands of dollars of health care costs in their name.  We scratch our heads and wonder – how could something like this happen?  How could a hospital or medical facility patient identification system break down and fail causing something like this to happen?  Where were the checks and balances to prohibit this from happening?  Did you know it has been reported that over 195,000 deaths in the U.S. occur annually because of medical errors?  Of those, almost 60% were attributable to failure to identify the correct patient.  Furthermore, each year nearly 250,000 Americans may be victims of health care identity fraud and the Federal Trade Commission estimates that medical identity crimes may cost the U.S. economy $468 million per year.  It is also estimated that at least $55.6 billion of all health care spending is spent each year on the inter-related combination of medical liability litigation and defensive medicine.  The problem of patient misidentification and health care identity fraud are acute and exact a heavy toll on the health care infrastructure in this country.  So, what can be done?

Biometric Patient Identification Systems are the Solution

Accurate patient identification has been number one on the list of the Joint Commission on Accreditation of Healthcare Organizations’ (JCAHO) Hospital National Patient Safety Goals since 2003.  The health care industry has long been searching for a patient identification system to ensure 100% accuracy, safeguard patient health and reduce hospital liability.  In response to this need, M2SYS Technology has developed RightPatient™ the industry’s first multi-modal , multi-factor biometric patient identification system.  Through the use of Hybrid Biometric Platform™, RightPatient™ is the only biometric patient identification solution that gives health care facilities the option to use four different forms of biometric technology individually or in conjunction with one another to guarantee patient ID success, all of the time.

RightPatient™ Features and Benefits

Due to the fact that biometric templates are unique to an individual, RightPatient™ prevents duplicate medical records by alerting health care officials when a person is already enrolled in the system which substantially lowers risk for the hospital.  RightPatient™ also seamlessly interfaces with a health care facilities’ Electronic Health Records/Electronic Medical Records (EHR/EMR) to automatically enter a patient identification number into a field when a biometric scan is performed working fluidly behind the scenes to quickly identify the patient and provide health care staff with quick and timely information.  The use of RightPatient™ accelerates the check-in and registration process, while completely eliminating language barriers.  Unconscious patients can also easily be identified and doctors are ensured that the right medication is administered to the right patient.

The Costs and Impact of NOT Implementing Biometric Technology

Health care facilities that delay implementing biometric identification systems such as RightPatient™ inevitably will end up incurring unintended additional costs for their hesitation to act.  Earlier we outlined the consequences  of inadequate patient identification systems and the expense and liability that it creates for health care facilities which are ultimately passed on to patients through increased costs for services, higher insurance rates and more expensive medicine.  Enacting a biometric patient identification system helps to keep aggregate costs lower for health care in this country and because installation and maintenance of the system is so easy and seamless, why wouldn’t you want to look into biometric technology for your health care facility?

What are some of the initiatives you are effectuating in your health care facility to ensure accurate patient identification?  Please share them with us!

Enhanced by Zemanta