Are Biometrics the Future of HIPAA Security?

Medical electronic health records, or EHRs for short, may have the potential to be much more secure than conventional records. That sounds like a bold claim in light of news about data breaches involving personal information.

In fact, according to a report from the Identity Theft Resource Center and CyberScout, the number of tracked data breaches in the United States in 2016 hit an all-time high of 1,093.

And still, more than 78% of doctors use EHRs, says the CDC.  

For medical professionals and the healthcare industry as a whole, keeping sensitive data secure and adhering to HIPAA regulations is a top priority. After all, EHRs can include years of personal information, financial data and even personal identifiers like addresses, phone numbers and more.

The good news is that innovations in biometric security offer physicians a possible glimpse into the future of HIPAA security. Let’s take a look at three next-generation security examples.

1. The Fingerprint

The most recognizable form of biometric data is fingerprinting, and despite some debate over whether fingerprinting makes for a good patient experience, the healthcare industry has begun to explore and implement this method.  

The trend can be seen more in larger facilities like hospitals, but smaller, independent practices have been slowly implementing such technologies as well. Supporters of the technology say that identifying patients is easier, that it helps to guard against patient identity theft, and that it can help prevent illegal access to prescription medication. (

Though there is the potential risk that the system could be compromised, as with most technologies, the trend in growing. For instance, as of 2015, CrossChx (previously SafeChx) has provided fingerprint security technology to more than 178 hospitals across the country.

2. The Heartbeat

The average person might not be aware that the rhythm of your heartbeat is wholly unique to you. Researchers from Binghamton University in New York took that idea and developed a new way to protect personal health records using a patient’s heartbeat. Using an electrocardiograph (or ECG), a measurement of the heartbeat taken with a biosensor attached to the skin, researchers have made progress on creating a digital passkey to be used to gain access to protected information, including health records.

Researchers are continuing their work on the technology, such as accounting for variables and changes that happen due to aging, illness or injury. But providers may soon have access to the benefits of this technology, which presents a higher level of security that’s less time-consuming.

3. The Brain Wave

The brain emits unique patterns just like the heart does, in the form of EEGs, or electroencephalograms. Researchers are exploring ways to develop secure user authentication methods using EEGs. Among many variables to consider, they're studying whether external factors (like alcohol) could compromise identification, and whether other sensitive information that’s not related to authenticating identify could be revealed in the process, such as medical conditions, personality traits, emotions, drug use, behavior, and more. 

Needless to say, the use of brain waves for HIPAA security is a ways off. When the time comes, it’s expected that the cost of the technology will come down to make it accessible to the private sector.

With these and other biometric security innovations developing rapidly, healthcare practices are definitely poised to be on the forefront of next-gen technologies.    

About the Author

Kayla Matthews is an HIT journalist and blogger who writes about applications for big data and new technologies in the modern world. Her work has been featured on...

Subscribe to Our Newsletter!

Enter your email address to receive "Go Practice" as an email newsletter.

Kareo and PatientPop are now Tebra

The digital backbone for your practice success.

The combined power of Kareo and PatientPop

As leaders in clinical, financial, and practice growth technology, Kareo and PatientPop have joined forces as Tebra to support the connected practice of the future and modernize every step of the patient journey. Learn more